Respond to these colleagues (BELOW): (Half a page each and please, provide references separately)
Cybersecurity governance requires a set of actions that are necessarily different from managing a company or resource. What is IT governance and why is it important to an organization?
Post from colleague 1
“An IT governance framework is the structure for leadership, organizational, and business processes with regard to information technology. Compliance to these standards ensures an organization’s IT supports and enables the achievement of its overall strategies and objectives.” (Tulane University, n.d.)
IT governance (ITG) is essential to a well maintained network, this can dictate what devices are allowed on the network to when the devices can be on the network. Years ago, I didn’t think WiFi was secure enough with just WEP, so at my house I turned on MAC filtering with the password still. For a long time, I ran my networks like that, and then I could have a simple password. Now as a business owner and IT Consultant, I have been doing this on my client’s networks as well. Most have a guest network setup, so that one I turned on Captive portal for that network. However, I have different VLANs in the offices and for the main business network, all MAC addresses (Wired and Wireless) for all corporate devices are entered into the allow list. Although, they still have wireless devices and those wireless devices are put on the allowed list for that SSID and VLAN. This allows only devices that are approved on the actual corporate network. All others even if they find out the password, it would still be difficult to gain access.
Another ITG point is access control, maintain physical and network access control and use the “principle of least privilege” (Principle of Least Privilege states that a subject should be given only those privileges needed for it to complete its task. (CISA.gov, 2013)) Basically, if you don’t need it, you don’t get it. To maintain overall network security Least Privilege is a great though process. However, Least Privilege will cause a lot of trouble tickets at first. When you implement more restrictions on a network, the people that lose access will complain at first. For this, these people need to submit a request and get approval for access prior to receiving it.
CISA.gov. (2013, May 10). Least Privilege. Retrieved from Cisa.gov: https://us-cert.cisa.gov/bsi/articles/knowledge/principles/least-privilege
Tulane University. (n.d.). Why is a Sound Framework so Important for IT Governance. Retrieved September 12, 2020, from Tulane University: https://sopa.tulane.edu/blog/sound-it-governance-framework
Post from colleague 1
All types of businesses are becoming much more IT intensive and digitally complex. From retail to transportation, most modern businesses run their operations using the Internet. As a result, it is imperative that these businesses maximize the overall value and effectiveness of their IT investments.
In order to add business value, IT must be aligned with business objectives and carefully monitored. IT Governance, or ITG, is the process put in place to efficiently manage a business’s IT resources. ITG combines the efforts of senior management with the support of junior staff to help ensure that all IT functions within the business are adequately carried out. Server management, network management, and general computer operation are a few critical areas where ITG may manifest itself (Khouja et al., 2018). However, even proper controls do not guarantee a secure or stable system. As documented by Cognizant (2013), over half of today’s IT investments are either wasted or fail to deliver any type of return. Therefore, it is important for CIOs to maintain an effective IT governance plan as a top priority in order to maximize IT’s contribution to a business’s value.
Together IT governance and business priorities can be progressive economic enablers. To realize their key benefits, CIOs, CEOs, and senior management must invest in instilling an integrated culture through effective communication, training sessions, and appropriate incentives for better compliance.
Cognizant. (2013). Maximizing business value through effective IT governance. Retrieved from https://www.cognizant.com/services-resources/Services/Maximizing-Business-Value-Through-Effective-IT-Governance.pdf
Khouja, M., Rodriguez, I. B., Halima, Y. B., & Moalla, S. (2018). IT governance in higher education institutions: A systematic literature review. International Journal of Human Capital and Information Technology
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we\'ll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.