Global Finance, Inc. (Gfi) Term Paper

Pages: 10 (2947 words)  ·  Bibliography Sources: 3  ·  File: .docx  ·  Level: College Senior  ·  Topic: Business

Company can utilize pass code as technical control, and then be able to come up with a policy and process as what is considered to administrative control.

The lack of security in any one of these components is going to have some kind of negative impact on the computer environment. If there not policy in place, then there can be no good or organized management direction on how to keep the business protected, which also means their people, operation and its information. If there are no procedures and actions with related values, application of policy will be founded on an individual's understanding of policy -- which is expected to vary from individual to individual. If there is no physical security, then administrative and logical controls can be effortlessly avoided without being exposed. The absence of environmental controls can bring down the enterprise and then cause more destruction than a mischievous agent. If there is personnel security that is insufficient, the probability of insider threat increases dramatically and the influence may not be noticed for an important period of time.

The business report developments for the past few years must face with improve system that is tackling more remote users. Upgrade of hardware and application will resolve the delay users complain about and will aid the corporation to keep their evolution in the future. An Employee is considered to be an asset for the company, and improving their qualification will improve the corporation performance and will end the end support their growth. Outsource could possibly solve some money issues, but it might not necessarily take care of everything.Buy full Download Microsoft Word File paper
for $19.77

Term Paper on Global Finance, Inc. (Gfi) Assignment

One major security control Global Finance, Inc. is missing is the administrative control policies. The company has to come up with some policies that are necessary to back their operation in order to get their mission in way that is considered to be proper. Management must find a way to force their rules by doing two things. The first would be to bring security awareness training which is considered to be a preventive measure that will aid users to recognize the profits of security practices. If workers are not able to understand the need for the controls being forced, they may sooner or later avoid them and in that way weaken the security program or render it unproductive. Technical training can aid so that they will not run into all of the common security issues such as omissions and errors in addition to making sure that they understand how to make suitable backup files and notice control viruses. Also, technical training just in case there is an emergency and fire drills for operations personnel that can make sure that proper action will be done to stop such events from moving into disasters. Second, a law that explains violations for workers who are not ignoring or following organizational policies.

At the same time, Global Finance lacks a disaster and recovery procedure which is a document that shows all of these procedures for emergency response, and protracted backup operations. It also needs what is called recovery, and this is necessary just in case a computer installation experiences some kind of a partial or total loss of physical facilities (or of admission to such facilities) or computing resources. The most important goal of this plan, used in combination with the contingency plans, is to make available sensible assurance that a computing installation can recover from disasters, continue to process critical applications in a mode that is degraded, and return to a normal mode of operation inside a time key that is reasonable. An important part of disaster recovery planning is to make available for processing at an alternative site throughout the time that the original facility is unobtainable.

Emergency and contingency plans instituted some kind of recovery procedures that speak to specific threats. These strategies aid in stopping minor incidents from being able to escalate into some disasters that could be far worse. For instance, an eventuality plan might deliver a set of procedures that describes the condition and response necessary in order to return a computing competence to nominal operation. An emergency plan is much needed because it might be a specific process for shutting down equipment in the occurrence of a fire or for leaving a facility in the occasion of an earthquake.

Redundancy is the replication of critical mechanisms or functions of a system with the purpose of increasing dependability of the system. The corporation does not need to shut down their system just in case there is hacking and stop their business for these kinds of incidents. Global Finance will need to know the importance of having regular backups of their data they see as important, but to what extent does data need to be backed up in order for it to be safe? It is very possible that someone or even a worker could possibly break into the system and then steal the backups that they could have been using for hundreds of gigabytes of photo files, home videos, and documents of past computers. In some cases certain software information can be stolen, and if Global Finance has the originals on their laptop or a redundant offsite backup, they could very well would have lose all of their data. Global Finance situation is not uncommon, and it's a perfect example of an often understated standard that all of the employees at the company should be able to understand: Global Finance needs redundant backups.

It's pretty simple for Global Finance: They will need to back up their data frequently. When they have set up that back up schedule, Global Finance should figure out a way to back up their data again. After they have got a couple current backups of their files, they should consider backing up their backups off-site. Also, it seems meaningless to contemplate of backing up backups, nonetheless if anything occurs -- failed drives, theft, fire, flood, etc. -- those backups could possibly be lost forever, and if a company has ever lost an important amount of data on account of a hard drive failure then they will know that backups are worth their weight in gold.

Certainly, there is a point of diminishing return when it comes to how much redundancy is needed at Global Finance -- it's not worth the company time/effort/cost to back up their backups ad infinitum -- so the following are some of the best practices that will help Global Finance in the information technology industry:

Schedule and plan regular backups in order to keep Global Finance archives up-to-date. If the company's laptop's hard drive dies, having backups from a long time ago probably will not help the organization as much as backups from last night.

Global Finance needs to make sure the company's data exists on three different mediums. It might seem needless, but if the company's already being intentional about backing up the organization information, they need to take it one step further to duplicate those backups at least one more time.

Something might happen to the company's easy onsite backups, so it is significant to consider off-site backups also. There are a lot of companies offering secure online backups for home users, and those are largely easy to use.

Global Finance needs to check their backups regularly. Having a backup is hopeless if it is not configured to back up the precise data and running on the schedule that is correct.

RAID is not considered to be a backup solution. Yes, RAID can match data across hard drives, nevertheless that do not mean the data is being "backed up" ... If the RAID array does not appear to work, all of the hard drives (and all of the data) in the array will crash with it.


The Risk Assessment at Global Finance identifies the present level of risk for the application and provides for the company risk mitigation recommendations for management review. The Risk Assessment at the organization serves as the main access control function for many critical applications and the loss of system availability, confidentiality, and/or reliability that could have an incapacitating impact on the organization's assignment. The sensitivity level of the system and of the data stored within, handled by, or communicated by the system reflects the worth of the system to the organization. Applying the recommended safeguards will decrease the general risk exposure associated with the general vulnerabilities talked about above.


Gregory, L.M. (2011). CISSP for Dummies. New York.

Krause, H.F. (2009). Information Security Management Handbook. New York City.

Risk Management: The Importance of Redundant Backups. (21, November 2012). Retrieved from Softlayer: [END OF PREVIEW] . . . READ MORE

Two Ordering Options:

Which Option Should I Choose?
1.  Buy full paper (10 pages)Download Microsoft Word File

Download the perfectly formatted MS Word file!

- or -

2.  Write a NEW paper for me!✍🏻

We'll follow your exact instructions!
Chat with the writer 24/7.

View 200+ other related papers  >>

How to Cite "Global Finance, Inc. (Gfi)" Term Paper in a Bibliography:

APA Style

Global Finance, Inc. (Gfi).  (2014, April 28).  Retrieved September 30, 2020, from

MLA Format

"Global Finance, Inc. (Gfi)."  28 April 2014.  Web.  30 September 2020. <>.

Chicago Style

"Global Finance, Inc. (Gfi)."  April 28, 2014.  Accessed September 30, 2020.