Before You'll check out our finance paper sample from our professional writers remember that if you looking for someone who can write your white paper, business plan, or other finance paper from scratch - you came to the right place! Put the requirements of your assignments into the order form and make a payment and put the rest of your work on the shoulders of our writers!
Information technologies have penetrated nearly all fields of human activity so that they are increasingly becoming a compulsory part of any business. However, it is worth saying that these technologies harm it, as well. To be more exact, a tendency of data breaches has become a threat to the world of business and causes the activity of the entire computer crime gangs. In fact, data breaches occur to different extents on a day-to-day basis. Thus, the clearest example of regular data breaches is the attacks of the Freezone Finance. Data is breached via particular activities of employees, who are not aware of participating in the attack, or terms of private usage when an individual is a potentially vulnerable target. As a consequence, the matter of continual data breaches within Freezone Finance has become a strong concern for IT specialists. Thus, this problem has to be discussed and solved.
This paper suggests training all employees to preserve Freezone Finance from being attacked. Actually, the paper lingers upon the following issues.
- First of all, the background of the case should be given. As a result, a statement of need has to be clearly formulated.
- Then, it is necessary to outline a particular plan of action. It is needless to say that this plan should be evaluated. Further, the schedule is supposed to be created to trace the stages of the outlined actions. Hence, planned actions, budgets, and schedules are supposed to be illustrated on the example of a particular plan phase.
- Finally, recommendations and conclusions have to be outlined, as well.
Speaking about data breaches in general, it should be admitted that they occur regularly because of different reasons. However, in the majority of cases, users are not aware of the possibility of being attacked and even help a hacker access the target information. In such a way, the targets of attacks are various, depending on the purposes of hackers. It can be stealing private information for blackmailing and taking revenge or stealing corporate data for sale. Still, it is important to emphasize that evidence of data breaches can be seen in every single case. Thus, Freezone Finance is not an exception.
To be more exact, Freezone Finance suffers from constant attacks due to numerous reasons. First of all, as has been mentioned before, employees simply do not realize that they encounter a hacker attack. What is more, in some cases, employees help hackers avoid the security system. It is needless to say, that such mistakes occur unintentionally. Hence, such issues can be explained by the following facts. Firstly, the majority of Freezone Finance employees are busy with their working duties. Therefore, they are focused on their tasks’ completion, so that they are more likely not to notice that something is wrong with the security. As a consequence, hackers attack average employees who are not responsible for security. Secondly, some percentage of employees are incapable of attack identification a priori because of their specific orientation within the organization or being recently employed. Besides that, it is worth saying that the security system of the organization can be weak to be openly attacked. However, the main party, which suffers from data breaches is customers. Therefore, a statement of need should be based on this fact.
- Plagiarism FREE
- Prices from only $12.99/page
Statement of Need
Customers suffer from constant data breaches and it is needless to say that it can be reflected on the general company performance. Doubtless, customers will not trust the organization, which delivers such inconveniences because of invalid data processing. Besides that, it is worth saying that customers usually report data breaches. Thus, the organization keeps working without realizing that something may be wrong with Freezone Finance. Actually, it is a common problem when the organization is informed about a data breach by a third party (Mitchell, 2009, p. 5). Taking this point into account, it should be mentioned that the company has to take preventive measures concerning the evidence of regular data breaches.
Though, it is a rather complicated procedure. First of all, customers should be ensured that they will be serviced appropriately. However, the main preventive procedures have to be conducted towards employees, who actually fall prey to hacker attacks. To be more specific, a meaningful training program is needed. In fact, workers will be expected to learn how to recognize attacks and what they can do before the reaction group takes an action. Furthermore, employees will need to learn the basic principles of using protective software. Still, some other procedures have to be conducted as well.
By the same token, a new protective system is supposed to be implemented. In case hackers manage to avoid the current one, it is obvious that it does not protect the organization’s database sufficiently. In such a way, new soft and hardware should be incorporated. Desirably, it has to be some warehouse, which is based on the cloud computing platform. All in all, it is the main need concerning the problem of regular data breaches of Freezone Finance. Hence, the plan of action should be outlined.
Plan of Action
To begin with, it is important to note that, first of all, employees have to be aware of the upcoming training. Speaking about this aspect in a more specific way, it is to be mentioned that training should be planned at the working time. Otherwise, the majority of workers will refuse to attend training as unsociable hours. Instead, it is desired to reward employees, who will demonstrate the best results. About the ethical background, workers are supposed to be informed that training is an important event with the organization because customers’ attention depends on the quality of data security.
Then, tutors have to be hired. Together with the company’s specialists, they will create a program that includes theoretical and practical perspectives. It can be explained by the fact that workers need to be aware of the importance of data security. In such a way, the testing should be conducted with a particular frequency, to trace the success of the training. Besides that, it is worth mentioning that the results of training have to be recorded during the performance of the organization. In other words, the evidence of data breaches still should be watched.
Do you have only a couple of days or even hours to prepare you essay writing? Our writers will cope with your order in timely manner!
After the training, the final test should be conducted. Moreover, such tests are supposed to be conducted regularly to keep workers motivated. Thus, rewards for the best performance concerning data security are important. However, particular software should be also chosen. In general, it is accepted to implement any protective software, which blocks fishing links, unverified software installation, and e-mail messages from unknown addresses or of suspicious content (Morley, 2014, p. 165). Also, it is essential to train employees to be able to use this software appropriately.
It is doubtless, that such important event as data security training of employees requires in-depth budgeting. First of all, it can be explained by the fact that costs take the farther extents than the period of training. In other words, some additional costs should be spent after conducting a training program. Therefore, the budget has to be planned. Taking this point into account, it is necessary to outline key aspects of the budget. Moreover, it is worth mentioning that the overall budget of the organization has a separate amount of money for the arrangement of special operations and events. Thus, costs should be planned within the limit.
To start with, it is important to mention that educating staff does not have to exceed the number of four people. Namely, it will be the main training panel, who will organize the entire training. As a consequence, employees who are supposed to be trained, comprise the number of approximately 50 people. Except for these costs, some additional material has to be funded. To be more exact, it can be articles, posters, newsletters, and insightful blogs. Hence, they require some part of the budget. Needless to say, the budget is expected to have some backup and funds for recovery in case of unpredicted circumstances. Therefore, these costs should also be included.
Overall, the budget for the data breach security training for the employees of Freezone Finance is supposed to be the following:
- Official License for 50 members: $4,995
- 50 End points for 50 members: $1,350
- Backup and recovery: $3,840
- Total Arrive: $10,185
- Other materials such as newsletters, insight blogs, and articles: $1,000
- Total Arrive: $1,000
- Capital expenditure and other spending are $11,185
All in all, as the plan of action, has been outlined and the budget has been confirmed, it is necessary to proceed to the scheduling of the training program.
It is increasingly difficult to ignore the fact that the majority of information security breaches are committed because of human error, lack of experience, and malicious intentions (Herold, 2011, p. 5). Therefore, the schedule of the training program is expected to include a phase of awareness creation. As it has been mentioned before, workers should comprehend ethical and theoretical knowledge as well to be aware of the training’s importance. However, it is necessary to share the responsibilities. In such a way, IT specialists are responsible for the development of the software and the involvement of the entire staff. As a consequence, the business managers supervise and encourage employees. Concerning the implementation team, it should be admitted that they have to incorporate new techniques. However, some specific issues have to be also discussed. In fact, it is crucially important to pay attention to the monitoring, which will be conducted at the end of the program. Actually, it is supposed to be a kind of summing up the training outcomes because testing should be conducted every day to record which aspect workers comprehend better.
In general, the training program is expected to obtain a period of approximately 6 months, and the phases within this period are the following:
|Understanding and actualizing the need||15 days|
|Planning and definition||30 days|
|Execution and implementation||60 days|
|Testing and monitoring||30 days|
|Closing and knowledge application||15 days|
Though, it is worth saying that this schedule can be changed due to unexpected difficulties during the training. Still, the phases of the schedule will be the same but the terms of their embodiment may be altered. Eventually, it is necessary to evaluate the training program.
It is commonly accepted that evaluation of the project should be conducted right after the project implementation. In fact, it is recommended to evaluate the training program during its entire process of implementation. Thus, it is also important to differentiate the evaluation from the testing. In fact, the evaluation estimates the training program as a procedure, while testing identifies the outcomes. In such a way, the evaluation should touch upon the following aspects.
To begin with, it is important to mention that training actions have to be evaluated. Hence, the theoretical part of the training is quite underpinned in this case. As it has been discussed previously, awareness is a vital factor concerning data security which is why employees should comprehend the theoretical knowledge. Also, the ethical outlooks of the staff are widened as well due to the understanding of data security importance. Similarly, the empirical perspective of the training is efficient because workers will be capable of eliminating emergency problems immediately and on their own. On the contrary, the development of the protective software leaves much to be desired. Initially, the management should have emphasized the development of the software. It can be explained by the fact that as long as hackers manage to avoid the protective layers, the software is not powerful enough to resist hacker attacks and alarm their evidence. Still, the protective software is not effective without a sufficient commitment of employees. In such a way, this aspect cannot be completely regarded as unfulfilled because the main objective of the project is the training of the staff regarding data security and awareness. However, it is only the first aspect to be evaluated, that is why it is necessary to proceed to the next one.
Furthermore, the budget has to be evaluated. To be more exact, it is important to verify whether the suggested costs are reasonable in this case. On the contrary, one may say that maximal funding of the problem solution will outcome the best results, but it is worth saying that the organization can be affected by other factors, so that related segment of the budget will equal null. In particular, the number of educators should be verified. As a consequence, the number of workers to be trained has to be also evaluated. Concerning the budgeting of the additional materials such as posters, articles, and insight blogs, it should be noted that the evaluation of this aspect obtains primary importance. It can be explained by the fact that such costs are not underpinned. Therefore, these costs can be spent step by step so that the implementation team can trace a particular tendency regarding the response to these materials. Again, it is important to pay more attention to protective software budgeting because it is also an important aspect, but it is not kept in the focus of this project. Still, the budget has to coincide with the schedule.
In such a way, it has to be admitted that the budget does not necessarily have to cover the scheduled period equally. Needless to say, that at certain stages particular items will be no longer in use so that their budgeting is not appropriate at this phase (Jaffe & Holtsnider, 2012, p. 164). Hence, this issue has to be taken into consideration. Finally, it should be noted that evaluation of the training program is also important for further project implementations; the experience of this training is recommended for recording. In such a way, the evaluation of the Freezone Finance training program should be conducted.
As Freezone Finance is an organization, which deals with financial operations, it is needless to say that it has become a vulnerable target for computer criminals. To be more specific, hackers attack the company to make false transactions or commit a forgery of official documents. Thus, it is not just a violation of customers’ private information, but financial harm, as well. Taking this point into consideration, it is important to demonstrate the training program’s efficiency.
For starters, it should be noted that employees will pass the tests regularly. What is more, they will not be informed about the testing because some attacks will be simulated, so that workers will be allowed to act in a real situation. As a consequence, the reactions to the attacks will be evaluated separately. To the broader extent, such simulations should be conducted with a certain frequency to keep employees stimulated (American Bar Association, 2008, p. 12). Besides that, it is to be said that theoretical knowledge will be combined with empirical one so that workers will acquire the principles of data security in the widest range of its importance. Moreover, the training is not expected to be a special event, even though it is regarded as an important procedure. It can be explained by the fact that the staff should not feel any pressure from the side of the head team.
All in all, this phase of the training program completely addresses the objective of the project. Similarly, the rest of the training phases will be conducted according to the principles of the real-life situation environment. Therefore, a combination of theory and practice is justified. Still, the program is supposed to meet the budget limitations but does not have to be measured only by terms of the outlined schedule.
- Plagiarism FREE
- Prices from only $12.99/page
Conclusion and Recommendations
To conclude, it is to be admitted that the current paper has lingered upon the discussion of the data security training of employees of Freezone Finance. This topic has been chosen due to the constantly increasing evidence of hacker attacks and the related need to protect the organization’s customers from computer crimes. To be more specific, this paper has suggested the solution to the issue of staff training. In such a way, the paper has discussed the following aspects. Actually, the background has been given, and the statement of need has been outlined. Then, the plan of action has been described. As a consequence, the budget and the schedule have been created by the plan of action. Furthermore, the evaluation of the project has been provided with the example and recommendations. Hence, a fragment of the training program has been demonstrated.
Taking all these points into consideration, it is worth saying that the solution to this problem definitely lacks attention to software development. Though, this issue requires a wide range of questions to be included so that it will be reasonable to touch upon this issue in terms of the related research. It is doubtless that this aspect also requires a combination of theoretical and empirical perspectives. Also, it is important to recommend a flexible budgeting and scheduling approach because some specific difficulties may emerge during the training program implementation. To the broadest extent, such a serious event does not have to be limited by particular terms because the quality of this training is more important than terms.