Task 1
School: Moi University
Course: 200
Subject: Information Systems
Date: Nov 24, 2024
Type: docx
Pages: 6
Uploaded by BarefootBandit
Running head: REGULATORY REQUIREMENTS AND STANDARDS
Regulatory Requirements and Standards
Name
Institutional Affiliation
Regulatory Requirements and Standards
Information system security is an important aspect of any organization. Numerous threats
face information systems, and the organization must put measures and policies in place to address
these emerging issues. The most important issue in information systems is data privacy and
security. An organization must ensure that it has stronger systems and protocols that can help
protect the data. Technology has rapidly advanced, with information systems and computer-based
networks taking over traditional methods of doing things. All sectors have embraced the use
of technology, and healthcare is one of the fields where technology has transformed the way of
doing things. The use of technology networks is affected by insecurities which put the privacy,
availability, and confidentiality of data at risk. As technology advances, so do the tactics and
strategies used by hackers to infiltrate systems and launch attacks. As such, organizations must
develop comprehensive plans for addressing system security. The Heart-Healthy Insurance
Information Security Policy provides a case scenario of improving data system security. In this
case, the focus on new users and password requirements in an information system advances the
issue of system security within the organization.
New Users
As the organization grows and expands through the recruitment of new employees, it
must also admit these new users into the information system. The system grows both in the
number of users and the information entering and leaving the system. New users can pose a
threat to an information system, and the organization must regulate how new users are admitted
and the kind of information they are allowed to access. Security measures must be put in place to
ensure that systems are secure and users with ill motives do not get the opportunity to infiltrate
the system. A clear policy should be put in place to regulate how new users are admitted and the
kind of information they are allowed to access. It will further provide a guideline of procedures
that should be followed by new users.
- The system administrator is the only person with whom new users should place their
  request to join the system.
- The system administrator must ensure that all new users provide accurate information.
  The accuracy of this information should be used only in approving the requests.
- Upon approval, new users must sign in to the systems with information sent to the
  organization’s email accounts. Upon login, they should change their passwords promptly.
- The new users must agree to the information systems regulations, which would allow them to
  continue using the system. They are encouraged to read through the policy before
  proceeding to agree.
- New users who engage in activities that amount to threats to information systems will
  have their profiles deactivated and be subjected to disciplinary procedures as provided by
  the policy and company laws.
Justification
The proposed policies provide a guideline under which new users can be approved into a
system. A formal request to the system administrator indicates the user’s desire to access
important organizational information that allows them to work. The approval by the
administrator is critical as it helps to authenticate the requests in line with users recruited by the
organization (Balcik, Gahler & Abeykoon, 2017). It is the administrator who can identify fake
requests that could put the system under threat. The sign-in process and change of
passwords help in securing the system and attaching responsibility to the new user. Passwords
generated by the system are not safe, and a change of password is important (Schwalbe, 2015).
The agreement by the user attaches responsibility to the approval request. The warning on any
violation helps to remind employees of the need to follow organizational policies relating to the use
of information systems.
Password Requirements
Passwords authenticate the use of information systems. System administrators must
ensure that users sign in with unique passwords any time they want to access the system.
Passwords must be strong, unique and not shared. The password policy below guides how
passwords should be used in the organization.
- All passwords must be unique and should not contain suggestive names.
- Passwords must contain at least eight characters with uppercase and lowercase letters,
  numbers, and symbols.
- Passwords must be changed every two weeks. Users must not use previous passwords
  anytime they make changes.
- Passwords should not be written or stored anywhere.
- Passwords are personal and should not be shared with anyone whatsoever.
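The machine-checkable rules in this policy (length, character classes, names, reuse, and the two-week age limit) can be enforced at password-change time. The sketch below is an added example, not part of the original document; the function names, the reading of "suggestive names" as the user's own name, and the use of PBKDF2 for the password history are assumptions.

```python
import hashlib
import hmac
import os
import string
from datetime import datetime, timedelta

MIN_LENGTH = 8                  # "at least eight characters"
MAX_AGE = timedelta(days=14)    # "changed every two weeks"
REQUIRED = {                    # ASCII character classes the policy names
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "number": string.digits,
    "symbol": string.punctuation,
}

def hash_password(password, salt=None):
    """Return (salt, digest) so the history never holds plaintext."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest

def check_new_password(password, name_parts, history):
    """Return the list of policy violations; an empty list means accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    for label, chars in REQUIRED.items():
        if not any(c in chars for c in password):
            problems.append(f"missing {label}")
    # Assumption: "suggestive names" means the user's own name or login.
    lowered = password.lower()
    if any(len(p) >= 3 and p.lower() in lowered for p in name_parts):
        problems.append("contains user name")
    # Re-hash the candidate with each stored salt to detect reuse.
    for salt, digest in history:
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            problems.append("reuses previous password")
            break
    return problems

def is_expired(last_changed, now):
    """True once more than two weeks have passed since the last change."""
    return now - last_changed > MAX_AGE

# Constructed sample data: one earlier password for a hypothetical user.
SAMPLE_HISTORY = [hash_password("Winter#2024a")]
if __name__ == "__main__":
    print(check_new_password("jane2024", ["Jane", "Doe"], SAMPLE_HISTORY))
    print(is_expired(datetime(2024, 11, 1), datetime(2024, 11, 16)))
```

Keeping only salted hashes in the history lets the system reject reuse without storing any previous password in readable form.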
Justification
Passwords provide secure access to systems and can also pose a risk to the same systems
if used by unauthorized persons. Passwords should be unique and strong and should not be
suggestive in any manner (Abdellaoui, Khamlichi & Chaoui, 2016). Some people tend to use
their names, which increases the risk of the password being used by unauthorized persons. The choice to use
letters, numbers, and symbols ensures that a password is hard to predict. A change of password
from time to time makes it harder for hackers (Schwalbe, 2015). Passwords are personal and
should not be shared, which attaches responsibility to the user. When these guidelines are
implemented, system security will be enhanced.
References
Abdellaoui, A., Khamlichi, Y. I., & Chaoui, H. (2016). A novel strong password generator for improving cloud authentication. Procedia Computer Science, 85, 293-300. Retrieved from https://www.sciencedirect.com/science/article/pii/S1877050916305841
Balcik, J., Gahler, L., & Abeykoon, T. (2017). U.S. Patent Application No. 14/798,847. Retrieved from https://patents.google.com/patent/US20170019416A1/en
Schwalbe, K. (2015). Information technology project management. Cengage Learning. Retrieved from https://books.google.co.ke/books?hl=en&lr=&id=mPeoBAAAQBAJ&oi=fnd&pg=PR7&dq=+importance+of+a+user+details+to+an+information+systems&ots=FMot-r1S5k&sig=_YyxEJoFVPlUkyQa_PmNeMaNuP8&redir_esc=y#v=onepage&q=importance%20of%20a%20user%20details%20to%20an%20information%20systems&f=false