100%(1)1 out of 1 people found this document helpful
This preview shows page 1 - 3 out of 6 pages.
SECURITY POLICY ETHICS1 Assessment 5: Security Policy EthicsDean M. SlocumCapella University
SECURITY POLICY ETHICS2 IT infrastructure security vulnerabilities and risk mitigation.IT infrastructure can have many categories of threats and vulnerabilities that range from natural disasters to human error to multi-layered cyber-attacks. Natural disasters can include a tornado or a sink hole. Climate and geological conditions will play a large factor in the physical security required to maintain an IT infrastructure. Depending on where a physical infrastructure is located, different building codes and designs will need to be factored into a budget’s expenses. For example, a facility located in the Midwest will need to account for tornados and flooding. However, a building in southern California will need to account for earthquakes and fault lines. The building’s structure will drastically change depending on these and other factors (Andrews, 2018).Human error can potentially cripple a system. For example, an employee could perform an inadequate server rack installation that could lead to the rack collapsing and destroying the equipment that its supporting. Or an employee working remotely could have a malicious piece ofsoftware on their device without realizing it. This could lead to an unauthorized individual having access to the system and sensitive information. Even an unpatched driver could lead to a potential exploit. Proper policies, protocols, and oversight need to be put into place to ensure simple mistakes like these do not occur. These can take the form of encryption and VPN use during remote access sessions and monitoring software that will constantly check the system for irregularities (Andress, 2014).