Blog 7.1-IS Security

Their are five different types of threats that can effect a computer information system.  These threats include viruses, outside intruders, inside intruders, link to outside businesses, and natural disasters/accidents.  Viruses can take control of your computer and/or damage it and its contents.  At Ferrum Medical we use antivirus programs (ex. Norton Security) to protect our IS from various types of viruses, thus protecting our computers and network.  Outside intruders, such as hackers, are a threat because they can hack into our databases and draw information that could be used in malicious ways.  We are also able to protect information we send over the internet by encrypting it so outsiders are unable to determine what is being sent and recieved.  At Ferrum Medical we have physical access restrictions such as authentication, so that only certain information can be accessed by outside users and peoples personal information is not accessed by hackers.  Inside intruders, such as employees, can be a serious threat to an IS system cause they can tamper with payroll or even tamper with data that is necessary for daily use.  Through the use of authentication we can prohibit who gets on the on our local network, using access-control software we only allow employees to access files related to their work, and timed login that logs an employee out if they are away from the computer for a certain amount of time.  Link to outside businesses is a security risk because information between businesses is vulnerable to being intercepted by  hackers.  At Ferrum Medical we encrypt our information we send to such businesses as pharmacies and also send it through a VPN so it is protected going over the internet and to make sure no outsiders try to intercept our information and send a virus or something we install firewalls that prevent that from happening.  Natural disasters and accidents are other threats to a computer IS.  To help deal with or prevent this from happening we create a backup site in case ours goes down for any reason.  Also we have set up a disaster recovery plan, which spells out detailed procedures for recovering from systems-related disasters.