Solution Class Of Optimal Regulator Problem Essay

Question:

Discuss About The Solution Class Of Optimal Regulator Problem?

Answer:

Introduction

Computers have brought significant changes to the field of information and technology. Since the inception of the computers, information technology received a boost and as a matter if fact the field received a new face as it underwent transition to magnitude that no one would simply describe over the last few years. Sincerely speaking we are in the age of the computers and business have fully adopted the mode as the main style of communication such as in the marketing, promotion, selling, social networking, teleworking and in holding online meeting in what is called the teleconferencing. The use of computers in the communication has introduced new dimensions and as such, the business platform has altogether received a new face. We can strongly argue that, in the near future no machine that will work with a lot of precision as the computers. However, there are risks that normally relate to this type of communication model. These risks can simply be seen as the hindrances that limit the effectiveness of the method of communication (Kwon, 2012).

Executive summary

This section provides a summary of the main findings and the recommendations emanating from the analysis of the information concerns in AGTEK financial institution. The company is highly focused in fostering a reliable system, through creating a wall against the vulnerabilities. The company has made significant investment in the field of information and technology, its management team and the policy makers have unreserved dedication and commitment to providing quality (Hsu, 2009).

We acknowledge that the trend is no defect but a life reality where life has diverse capabilities. In cognizance to this fact, we take security and data management so strict that our client identity has to be dominant at all the time. Security in our system is paramount no doubt; we understand the mess that can be encountered upon the system being open and accessible to all employees. Above all, we appreciate that the vulnerability of our system is never a self-making but a challenge that affects all systems in the entire globe. We therefore do not allow any chance of mess we constantly assess our systems to have an ideal and systematic securing mechanism.

Risk to data security entails the malicious programs such as viruses, worms, spyware, Trojans, adware, hackers and phishing (Juhee, 2011).

Threats and Vulnerability

In ordinary situation, these terms can be thought to have the same mean. However, the two are different as indicated below; threat can be discussed as the event that has a capacity of negatively affecting a given resource. On the other hand, we can discuss Vulnerability as the ability of a resource or the surroundings that gives space for the threat. For example, a bank robber is a threat. In addition, a teller working in the bank is vulnerable to a bank robbery. In the bank, the bulletproof glass separating the teller and the robber denies the chance for the robber to shoot the teller. It is important to note that the threat remains in place but the harmful acts –gunshot has been extenuated through using a protection mechanism (Siponen, 2008).

Likewise, in the information system, there will always be threats that work to limit the effectiveness of the system and the vulnerability of the system can never be completed subverted. Having noted this the proper address of this challenge is threats mitigation. Thus can be thought of as the efforts made to have the negative effect contained or even limiting the level of damage should the threat affect the system. Alternatively, speed of recovery is another technique used in preventing the threat that might affect the performance of the information system. It is recommendable that the proper methods is adopted to manage the threats affecting the system. This can only be e achieved through properly understanding the systems specific challenges and not the general vulnerabilities, this does not only limit challenges but it also limits the chances of extravagance (Eric, 2011).

Though the two terms have received a different classification, they can interweave under the security concerns. These can be described in four different categories these are Physical concerns, these are site-specific undesirable personal acts either deliberate or unintentional such as vandalism, theft and trip hazards. The second category of concern is the environmental concerns. These are site-specific site undesirable occurrences such as dust, lightning, and sprinkler activation etcetera (Jha, et al, 2009). Thirdly, we have the site- support concerns and these are the foundational site features they include, electricity, water, climate and power. Important to note is that these classes of concerns are not resolvable but they are addressed through facility design and maintenance. Finally, there is the technical concerns these occur within the system such as the malicious software, improper system operation and line tapping (Dhillon, 2008).

IT assessment

Over time, challenges may emerge including the redundancies, inefficiencies and the performance gaps. To identify any of the above aspect a through and a close monitoring of the system is important this is done through what is referred to as the risk assessment. This can be described as the comprehensive and a rigorous review of the company’s technology systems and the environment. Some of the areas that can be analyzed during the assessment include Data storage these include, permissions, performances, availability and the accessibility. Server infrastructure can also be assessed and this can be thought as support, visualization and the operating systems. Network infrastructure these include UPS, environmental controls, power and the support. Others include carrier services, cloud services, applications, disaster recover, telephony, network security and the risk.

Benefits of a better IT assessment.

  • Quick growth and development
  • Post-merger integration
  • Legal compliance requirements
  • Improvement in the competitive landscape
  • Cost-reduction

Aztec has the plan of adopting a new technique to facilitate in improving the face of the company and if possible to improve on the market dominance. The proposed model by the management on allowing he employees to use their devices for their official duties is characterized in the text as follows; The new method have both the advantages and disadvantages, it is important to note that the desired model should pose minimal challenges to the system. Strictly speaking, the market value of a design to be used may be high but the quality test may be subverted through violation of the security policy and this would mean dropping the model for a new alternative testing (Baskerville, 2007).

Testing the proposed portfolio

The new mode proposes that the members of the staff may be allowed to use their personal gadgets to carry out their daily task this has the following advantages. Efficiency as one uses the model that he/she is conversant with, this improves productivity. Making working condition as friendly as possible. Ease of use, reduced overheads and expense relating to the infrastructure. Nevertheless, there are implications to the system’s concern. Of concern in this part is the threat the model raises to the system. It is important to note that the system is an asset of the company that should be safeguarded in the best way possible and the process should never be very expensive. Importantly, penetration to the system should be limited to only the gadgets that have been certified and accredited to gain access to the company’s home group. It is very critical to have dedicated style of gaining entry to the Aztec’s network because the company is dealing with the finance and a s such a mess in the connection might imply lead to one of the greatest losses of resources. As noted above, systems are always vulnerable to malware and as such limiting and control of the accessibility is never an option but a mandate for effectiveness and full utility of the desired model without sidelining security demands (Siponen, 2009).

It is important to approach the topic having a definite understanding of the threats and vulnerabilities involved in the proposed model. In devising the correct controls to manage the risks relating to the using personal gadgets to carry out official duties. At this point, we need to establish a balance between the cost, productivity and the effectiveness of the countermeasures employed to manage a situation and in turn quantifying the value of the system that is being guarded. The question answered at this level is whether the cost of controlling the numerous gadgets and their effects to the company is consequential to the returns- we find that creating a wall to curb such a situation makes the guarding process an expensive undertaking (Bandyopadhyay, et al 2009).

Risk management entails the analysis of the process to have a balance established between the operational and the economic costs of a certain control measure, hence attain gains in mission capacity through protecting the IT systems and any set of information that offers support to the missions of the organizations. Notably, the process in the field of information and technology is not a unique coverage it indeed pervades in all our day-to-day lives. An IT department manager should ensure the primacy of the system security. It has the meaning that the security nature of the company will be violated upon letting in the personal gadgets and allowing access to the system. It is apparent that spending on the proposed model will be expensive and largely expose the system to external threats. The concept of managing the risk is rather a complex and a multi-faced activity with multi relationships with some other complex activities.

Other factors to consider are the compliance with the existing policies and the procedures.

When approaching this topic, there are certain guidelines that need to be observed and a s matter of fact they are not proposal but the legal demands that require the concerned party to take charge of the activities it undertakes. In a bank situation the identity and personal information of the members is kept in a more secured and safeguarded place as such entry to a system is limited to individual and to people who can be held accountable in the event there is tarnishing of the individual’s data. In most cases, it does not make a lot of sense to have the details of the bank shared by strange people. In summary, an entry to the system must be guaranteed and manage- as per the allocations made in the accountability and governance act such as article 5, 24 and 24 (Baskerville, 2007).

Data security regulation

In Australia, the government issues some legal guidelines to be followed by the businesses regarding the security of the data. These are described properly under the general data protection regulations. In the 1988 data, the following propositions are made these are the implementation of the privacy in design, it has to indicate compliance with the privacy obligations and policies and adoption of the data handling practices.

Aztec is a reliable financial support provide that is focused at providing quality services to the clients at all levels of demands from small scale to the large scale. Our services are customer oriented and as such, they are inclined at having the goodwill of the customers observed through providing quality and reliable services. Offer of the services are very simple and easy to achieve for all classes of individual irrespective of the class. Of concern is the diversity and the capabilities that our customers possess. Our record illustrate that there is a very big margin between the lower end client s and the other extreme (Shukla, 2009).

A threat as described in information technology is an event that has a capability of influencing a resource negatively. For a company to have a risk assessment, which is termed complete, threats, must be greatly looked into. Threats in an information technology framework can be divided into untrained and system calamities. They are referred to as security concerns. These concerns are based in four categories namely environmental concerns, technical concerns, physical concerns, and site support concerns. The environmental concerns are undesirable site occurrences such as dust, fire and explosions .Technical concerns includes events such as improper operation of the systems, calamities of the system and vicious software. Physical concerns is the other category, which include personal actions, which are described as either intentional or unintentional such as theft, mischief or misfortunes. Site support concerns is the final category, which includes aspects such as telephone services, climatic control and electrical power. Environmental, physical and site support concerns includes all systems present therefore addressed as a part of facility fiction and maintenance (Shukla, 2009).

Vulnerability in information system is described as a weakness, which encourages a hacker to reduce assurance of information in a system and can be exploited buy one or more threats. It is the connection of the capability of an attacker to exploit the flaw, system affection and an attacker’s access to the fault. For exploitation of a vulnerability to take place, an attacker a technique that can easily get connected to the system weakness. Examples of vulnerabilities are personnel, hardware and physical environment of the system. In information technology, vulnerability is exploited where floods can destroy systems of a computer installed at ground floor. An incident where an attacker asks a user to open an email message, which has an attached malware, is also a way of exploiting vulnerability. An attacker can use weaknesses to install and exploit data, which is sensitive. An insider copies a certain program in a hard disk drive and goes or carries it away. Vulnerabilities can be found in some major operating systems such as window, Linux, mac Operating system and various forms of UNIX. Vulnerability has its consequences, as the effect of break of security can be very high. There must be an information Technology risk which is manageable and any action be performed towards ensuring that it is effective. Privacy law is a consequence where the management has to take actions so that to reduce the risk of security in the company. Audit of Information technology security is also a consequence whereby other persons who are conversant with the system are allowed to give credit on where the environment on which the information technology is based is well managed.an organization can adopt measures to form a verification of weakness. This is also a consequence called penetration test. An information system can set up a layer of defense system to help restrict exploitation, to make detection in case of an attack, help find out agents, which are a threat and take action against them. In vulnerability, physical security is important, as it is measures set to protect the information assets physically. We also have disclosure vulnerability also referred to as responsible disclosure. This disclosure makes a signal to the vendors whose confidentiality has been affected before making alert to the computer emergency response team later, which gives the company a grace period of a certain number of days before making a notice based on security alert. The time of disclosure in vulnerability is where any disclosed information has to fulfill requirements where information is made available to the public, the information is published by a trusted source and vulnerability has gone through analyzation by experts such that risk can be incurred if that information is disclosed.

There are consequences of information technology which can either be positive or negative and can affect the use of own devices in an organization. Communication is one consequence where by cost saving is enhanced as the employees use advanced channels like video conferencing instead of travelling to meetings and use of emails or messaging instead of making posts or advertisements. This enhances flexible responses. Security is another consequence where by an organization or a company can bring down its own issues on security or help solve and reduce security issues. For example, use of encryption methods whereby people who are unauthorized, cannot access the information stored or which is being shared from one server to the other. This is also applicable where organizations can use physical security systems such as facial expressions and use of fingerprints or iris detection. The use of own devices can be cost effective to the company as it will not undergo any procedure of purchasing and maintaining the devices as all that is taken care of by the employee who owns it. The company therefore offsets extra costs that would be used to get a specialist staff to run the devices. There is competition among the employees as everyone is working hard to bring out the best from what he or she is working with. Another consequence of information technology is reduction of personal interaction among the employees whereby it reduces teamwork as every employee works on their own, as they do not get a chance to meet and talk with the other people in the organization. There is reduction of physical activities whereby employees do not need to move around the workplace as everyone is set at their position using their own devices. This can cause health problems such as obesity and heart diseases as there is lack of physical exercises (Shukla, 2009).

There is a variety of risk recommendations of bringing your own devices to the organization, as there can be loss of storage devices, like, hard drives whereby an employee carries it to the work place and can lose them instantly or it can be stolen. Therefore, data should be encrypted to provide protection in case the password is hacked. Another risk can be described when an employee decides to leave the company maybe to work elsewhere, usually the employee has very confidential data stored on their devices and even if they no longer work for the company, incase this person gives this information to another party, the company could be held liable for the breach of data. Therefore, a mobile application management system can be used to disable and delete the ex-employee’s device therefore chances of breach of data are low. When employees are working in the company with their own devices, it is recommendable to use the office’s wireless connection.in this way, it prevents access from suspects posing in your employees’ device and thus breach the network. Another risk recommendation is use of firewalls and antivirus in the employees’ devices. The devices may vary in age and specification and they may not be secure enough. When an employee gains access to websites or applications that are not trusted, it leaves a security vulnerability in the device of the employee, meaning when one logs in again, the entire contents are displayed and this could be a risk. Therefore, there should be a policy in the company that entails on who exactly should be made responsible for device securing and a time difference should be set on when the firewalls or anti-virus should be updated. Due to the change of technology now and then, the employees using their devices much keep changing them so as to purchase upgraded devices with better data security. This is costly to the employee and can to an extent not afford the costs to be made. These changes being made now and then, affects technology, as nothing would never be completely secure. Another risk in data security regarding use of own device in a workplace is, a system would be immediately affected and compromised when the employee using the device would miss on an area that should be protected (Baskerville, 2007).


Data security is the protection of data from users who are unauthorized from accessing the system. Considering the idea of an employee using their own devices in their workplace, there are risks in the data security. When there is restrictions to resources, there is an order set how the resources should be used. For example, the time span of the data to be searched, the time length that a search runs before the data is returned. The employees may find it challenging following the restrictions. incase an employee loses their devices and either way they cannot recall the password that they had encrypted, and had not secured it with a backup password it may become a challenge to open up that device. Therefore, the whole device system would need to be restarted or rebooted so that the device can open up. This can lead to loss of very important information stored in the device. Due to the change of technology now and then, the employees using their devices much keep changing them to purchase upgraded devices with better data security. This is costly to the employee and can to an extent not afford the costs to be incurred. This these changes being made now and then, affects technology, as nothing would never be completely secure. Another risk in data security regarding use of own device in a workplace is, a system would be immediately affected and compromised when the employee using the device would miss on an area that should be protected (Shukla, 2009).

There are two types of data to be used when an employee is using their own devices in an organization; namely data masking and data erasure. Data masking is a process whereby a particular data in a database cell ensures that data security is highly maintained and any information is not disclosed to people who are not allowed to gain access to that specific information. The main purpose of using data masking is to secure highly classified information that can be personal and commercially sensitive and can cause breach of the data if disclosed. Data masking is divided into two major types; static and on the fly or dynamic data masking. Static data masking is mainly executed on copies of databases that are important and can be enforced on files. Dynamic data masking is a way of reassigning data from one surrounding to another while the data meet the disk in any means. This type of data applies in surroundings that carry out uninterrupted applications.

The second type of data is data erasure. It is referred to as data wiping or data clearing. Data erasure is a method in software that uses zeros and ones to save data on the devices, as its main purpose is to altogether demolish all the electronic data in the hard drive. Software, which has been designed for data erasure should be established on unequaled needs, allow choice of particular standards, and ensure that the method used in writing is effective and data across the device is removed (Shukla, 2009).

In data, security the person supposed to gain access to the data is system administrators. Also referred to as sysadmin. System administrator is a person responsible for the upkeep and operation of computer systems especially in computers that are used by more than one person such as the servers. Makes sure that the performance of computers meets the needs of the users without going beyond the set budget (Davis, 2008). The administrator requires to maintain security policies of the devices, train and supervise staff and offer support for projects, provides a continuous mechanization and upgrade computer components.

Data flow is also known as reactive programming or stream processing. A software entitles on a thought of unplugging role players in sections at the same time. Data flows from the database or the file then is fed to device through an input device an example being keyboard or a mouse, it then reflects in the system as it goes through processing then it is displayed in the monitor or any output device then the information is passed to the customer. That is how data flows in devices (Svensson, et al, 2009).

References

Kwon, J., & Johnson, M. E. (2012). Security practices and regulatory compliance in the healthcare industry. Journal of the American Medical Informatics Association, 20(1), 44-51.

Kwon, J., & Johnson, M. E. (2012). Security practices and regulatory compliance in the healthcare industry. Journal of the American Medical Informatics Association, 20(1), 44-51.

Davis, D., & Having, K. (2008). Compliance with HIPAA security standards in US Hospitals. Journal of healthcare information management: JHIM, 20(2), 108-115.

Juhee, K., & M Eric, J. (2011). The Impact of Security Practices on Regulatory Compliance and Security Performance.

Juhee, K., & M Eric, J. (2011). The Impact of Security Practices on Regulatory Compliance and Security Performance.

Siponen, M. T. (2009). An analysis of the traditional IS security approaches: implications for research and practice. European Journal of Information Systems, 14(3), 303-315.

Siponen, M. T. (2005). Analysis of modern IS security development approaches: towards the next generation of social and adaptable ISS methods. Information and organization, 15(4), 339-375.

Dhillon, G., & Backhouse, J. (2008). Current directions in IS security research: towards socio?organizational perspectives. Information Systems Journal, 11(2), 127-153.

Baskerville, R. (2009). The developmental duality of information systems security. Journal of Management Systems, 4(1), 1-12.

Baskerville, R. (2007). Information systems security design methods: implications for information systems development. ACM Computing Surveys (CSUR), 25(4), 375-414.

Hsu, C. W. (2009). Frame misalignment: interpreting the implementation of information systems security certification in an organization. European Journal of Information Systems, 18(2), 140-150.

Siponen, M. (2008). Towards maturity of information security maturity criteria: six lessons learned from software maturity criteria. Information Management & Computer Security, 10(5), 210-224.

Jha, K. N., Mishra, V., & NSINHA, B. (2009). Internet: Emerging technology for information generation and its services to users.

Shukla, V. K., & Chaturvedi, N. (2009). DRM: Technological Measure for Digital Contents on the Silicon Plaform.

Bandyopadhyay, S., Gangopadhyay, G., Bhattacharyya, A. K., & Choudhury, A. K. (1974). On an Iterative Method for the Solution of a Class of Optimal Regulator Problem. IETE Journal of Research, 20(9), 468-470.

Bergstrom, C. (2007). Eigenfactor: Measuring the value and prestige of scholarly journals. College & Research Libraries News, 68(5), 314-316.

Svensson, G., Svaeri, S., & Einarsen, K. (2009). ‘Empirical characteristics’ of scholarly journals in hospitality and tourism research: An assessment. International Journal of Hospitality Management, 28(3), 47

How to cite this essay: