The information system basically is the collection of applications. These applications are integrated applications about the front end, back end, data base or trackers etc. It is the asset of a company or an organization that is used to increase the profit and efficiency. Here we will discuss the security objective and threat identification.
Integrated Applications has two parts the one is soft or Logical part and the other is physical part.
- Soft or Logical Part
- Physical Part
Soft or logical part is about Clients ,Servers , Data Base and Network. And the physical part is about Machine , Hardware , Routers ,Network devices and cables etc..
Objective of Information System (IS)
The main objective of IS system is security . How to secure from threats ? What levels of security we need to tackle those threats ? And understand the level of threats that can happen to logical and physical components of our information system.
Possible Threats and Threat Identification
The first step is to find out the possible threats. Identify the threats which are more dangerous . We have to identify the threats that can effect logical and physical components of the information system.
The logical component can face threats like a Virus attack , hacking , data can be corrupt , crash of application , difference in inputs and outputs , page loading increased, server down like that. Remember, At times the logical damage can leads to physical damage. But physical damage mostly leads to logical damage like information lost.
What next after Threat identification ?
After threat identification we will see following three things about threat
- Frequency of occurrence
- Impact
- Domain
The first we need to know the frequency of occurrence mean how many times threat effect our system and at what intervals? The 2nd what is the impact of threat on system , which part and function is affected by threat. And the last Domain of the threat. | Security Objective and Threat Identification
Threat identification can lead to security demand. So we think about what is the security demand of Information System (IS) ? Organizations or companies invest time and money to acquire Information System for Audit and control. Information system should have following qualities ,It should be
- Effective
- Correct
- Efficient
- Reliable
Remember , Information System ( IS ) will only be effective and secure when its information will be
- Complete
- Correct , and
- Authorized
If you like this information , Please share and if you have any queries comment below . Thank You!
Read More;
What is a business model and how is it helpful for the software engineering team?