StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Operations security and production controls - Essay Example

Cite this document
Summary
The organization that I work for has well defined rules to regulate operational security and production controls. Each rule is well defined and the system ensures that each rule is well audited by the superseding rule. …
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER91% of users find it useful
Operations security and production controls
Read Text Preview

Extract of sample "Operations security and production controls"

Operations security and production controls The organization that I work for has well defined rules to regulate operational security and production controls. Each rule is well defined and the system ensures that each rule is well audited by the superseding rule. (M. E. Kabay and Myles Walsh). The concept of security should encompass both the concepts of physical as well as intangible materials like information which can be orally compromised. The operational security in the firm is maintained by both uniformed personnel members of the staff who are directly associated with ongoing projects. From the security perspective, operations can be divided into tangible and operational security measures. Tangible security aspects involve the security personnel in the organization who ensure the security of the organization by serving as a barrier between the outside world and the production department, by preventing any material being taken outside. It also involves prevention of any hazardous material being brought inside, apart from ruling out the entry of unauthorized people inside the premises of the company. Roles of the security personnel: One of the most important instructions that the security personnel adhere to, is that access to specific areas of the company is need based rather than designation based. This is intended to ensure that people who are unrelated with a specific project will have least access to the systems that are managed by that project team. For example, the project manager of Project A will not have unrestrained access to the operational facilities that are being operated and managed by the project manager of project B. This ensures that intra-official interference is brought down to the barest minimum. The security personnel also make routine checks to ensure that data sensitive material is not transported inside or outside the company. For example, security personnel in the company if deemed necessary have the right to stop and frisk officials who may be suspected of compromising the security of the organization. Every employee in the organization has a definite security role. The programmers have the minimum security privileges while the project manager has the maximum security privileges within the company. For example, a programmer will need special permission from the project manager to access specific data and to copy or distribute it. Similarly, access to specific network resources is also controlled. Members of the team are also prevented from brining in or taking out media like floppy discs, CDs, pen drives, thumb drives etc into which data may be copied for later distribution to any sources other than to whom it is intended. Authorization for any temporary breach of security norms has to come from the project manager, or the technical head if the project manager is not available for the day. Security measures are implemented in a cascading manner and the lowest positions have very less leeway in terms of bypassing established security norms prescribed by the company and its management. Operational security measures: The operational security measures are those in which the operational staff has a vital role to play than the uniformed personnel who guard the exterior or specific interior areas in the context of physical security. Here the operational strategy of the company with respect to security measures is overseen by the project manager who makes a security plan after discussions with the technical officer of the project. Some of the security measures that are implemented in the company are as follows: 1. With regard to operational security, it is mandatory that all data be checked into Microsoft VSS at the end of working hours. This is intended to ensure that the latest version of the code is available to the members of the team when they resume operations during the next day. Checking in data to VSS also ensures that data is not lost and is not dependent on the availability of a particular person or a group of people who may be working on a particular module and have access to codes. At the end of each working day, code that has been created for the day will be checked into VSS using appropriate and agreed upon naming conventions. The data will be checked out the next day to resume work. This will ensure that fresh code is always available to other members of the team apart from ensuring that code that is old by a maximum of a day is readily available for rework if any 9. (Alan Schwartz, et al.). 2. The company also has a system of backup and recovery in place to avoid total loss of data. Data is backed up into tapes or CDs every third day to ensure their safety and to facilitate availability of vital information in case the system that stores the data crashes or sustains other kinds of physical damage. The backed up data is safely stored in vaults which can be accessed only by the project manager or the technical head of the project. (Douglas Schweitzer). 3. All forms of data and media that may be needed to be transferred between departments have to be approved by the project manager. Fresh or certified media is to be used to transport data across departments when the need arises. This will ensure that data stored in the system doesn’t become corrupt by the presence of virus. Rules also have been introduced to prevent unauthorized copying of data by employees, who may hand it over to unauthorized persons, which may compromise the interests of the company. 4. The company also has a strict network usage system in place. Each member has the privilege of sharing some of his or her work to members of other department, but they will not be able to share any resources that are classified, with members of other departments. This is ensured by checking in members to specific domains that prevents the sharing of unauthorized data. Access to other network resources such as the Internet is also strictly controlled. Only the project leader and designations above the project leader are provided Internet access that will allow them to send mails through the Internet or surf the net. This is primary intended to avoid exposure to risks such as lacking or attack by viruses as well as to prevent data being sent to unauthorized person through the medium of emails or internet/website uploads. Other positions will not need to send mails and they will only be allowed to use internal mails. (Whitman, M. E. and Mattord, H. J., 2005). Works cited Whitman, M. E. and Mattord, H. J. (2005). Principles of Information Security. 2nd ed. Boston: Thomson Course Technology. Kabay, M. E. and Walsh, Myles. CISSP. Operations Security and Production Controls. 4th ed. Schwartz, Alan et al. Practical UNIX and Internet Security. Oreilly & Associates Inc. Schweitzer, Douglas. Incident Response. John Wiley & Sons Inc. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Operations security and production controls Essay”, n.d.)
Operations security and production controls Essay. Retrieved from https://studentshare.org/technology/1542536-operations-security-and-production-controls
(Operations Security and Production Controls Essay)
Operations Security and Production Controls Essay. https://studentshare.org/technology/1542536-operations-security-and-production-controls.
“Operations Security and Production Controls Essay”, n.d. https://studentshare.org/technology/1542536-operations-security-and-production-controls.
  • Cited: 0 times

CHECK THESE SAMPLES OF Operations security and production controls

General Security Mandate and Intent of the Management

As information is the blood life of any organization, it is vital to protect information by implementing physical, logical, and environmental controls.... The paper "General security Mandate and Intent of the Management" presents information security policy.... There are many methods available for constructing an information security policy, the initial step before adopting any one of the methods is to identify the current maturity level....
9 Pages (2250 words) Assignment

Production and Operations Management

The case study "production and Operations Management" states that Managing operations is a crucial aspect of each and every kind of business.... nbsp;… Among the various tools for planning and controlling operations is operations research, which is the application of scientific methods to the study of alternatives in a problem situation to obtain a quantitative basis for arriving at the best solution.... But PERT and its various refinements, like PERT/COST, have considerable potential for use in many aspects of planning and controlling operations....
8 Pages (2000 words) Case Study

Operations Management Concept

It deals with the overall procedure of… The transformation process requires lot of people involvement and techniques that will provide the requirements of the clients (MIT Sloan School of Management, 2010). Operations management is an integral part of The operational level deals with production and control, inventory management, material handling, equipment maintenance policies and inspection and quality control.... Operations management is a vital part of business that deals with the production of goods and services and engages the accountability of certifying the business operations that are effective and efficient....
11 Pages (2750 words) Essay

Operations management

The text is related to the risk concepts and themes based on the ways in which risk can interfere the functionality and operations of a business.... The risks are present in daily operations, private, and public sector companies.... The text is related to the risk concepts and themes based on the ways in which risk can interfere the functionality and operations of a business....
10 Pages (2500 words) Essay

How will Automation Affect Operations Management Practices over the Next Decade

On the other hand, automation can be used in reducing labor cost, increasing production, and improving the quality.... This study, How will Automation Affect operations Management Practices over the Next Decade?... operations management includes decision making about the design, planning, and management of the many factors that affect operations.... Meanwhile, operations are an organization's processes of transforming inputs into outputs....
13 Pages (3250 words) Research Paper

IT Controls

security and privacy controls of information systems are one of the primary strategies organizations and individuals implement to protect their operations, assets, etc.... The security control processes are provided for by the legislation, policies, executive guidelines, standards, directives, conventions, missions and business requirements and they aim to address various security and privacy needs of the organizations or individuals (NIST, 2013).... This case study "IT controls" examines the security issues related to security, interoperability, and operations of Bank Solutions, Inc....
7 Pages (1750 words) Case Study

The Implementation of the Security Plan

This case study "The Implementation of the security Plan" focuses on the action plan that is to beef up the information security in the banks and ensure that all threats and vulnerabilities are reduced to a minimum.... hellip; The national institute of standards and technology sets the various information technology security measures that should be followed together with other bodies like national security agency, the office of management and budget among many others....
7 Pages (1750 words) Case Study

Control Systems Security - Resilience Capability Plan

These are production, transmission as well as the distribution of energy to clients.... As the paper "Control Systems security - Resilience Capability Plan" tells, the performance of creating resilient security systems is to enable the development of new defense architecture that offers an in-depth defense and which employs interoperable, extensible as well as fail-safe systems.... Purpose and objectives              The performance of creating resilient security systems is to achieve several objectives aimed at mitigating challenges that come about with energy sector security risks....
8 Pages (2000 words) Essay
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us