Saturday, December 28, 2019

Straight-Tusked Elephant - Facts and Figures

Name: Straight-Tusked Elephant; also known as Palaeoloxodon and Elephas antiquus Habitat: Plains of western Europe Historical Epoch: Middle-Late Pleistocene (1 million-50,000 years ago) Size and Weight: About 12 feet tall and 2-3 tons Diet: Plants Distinguishing Characteristics: Large size; long, slightly curved tusks    About the Straight-Tusked Elephant Understanding the Straight-Tusked Elephant requires a quick primer in modern elephant classification. Living elephants are represented by two genera, Loxodonta and Elephas; the former comprises two species (Loxodonta africana and Loxodonta cyclotis) of African elephants, while the latter contains but a single species: Elephas maximus, the Asian elephant. Long story short, most paleontologists consider the Straight-Tusked Elephant to be an extinct species of Elephas, Elephas antiquus, though some assign it to its own genus, Palaeoloxodon antiquus. As if thats not confusing enough, this prehistoric relative of the Asian elephant was native to western Europe! Classification issues aside, the Straight-Tusked Elephant was one of the largest pachyderms of the Pleistocene epoch, standing 12 feet tall and weighing in the neighborhood of two to three tons. As you might expect given its name, this elephants most distinctive trait was its exceptionally long, slightly curving tusks, which it used along with its unusually long tongue and trunk to strip the leaves off trees. Judging by fossil remains, the Straight-Tusked Elephant roamed the European plains in smallish herds of a dozen or so individuals, and was eventually out-competed in its increasingly frigid ecosystem by the well-insulated Woolly Mammoth. (By the way, some experts believe it was the Straight-Tusked Elephant that spawned the Dwarf Elephants of the Mediterranean basin.)
Posted by at No comments:

Friday, December 20, 2019

Critical Reflection Of The Healthy People Healthy Places...

Critical Reflection 1 Introduction This paper is a critical reflection of the healthy people healthy places reading material and consists of three sections. It includes the definition of terms like health inequality and how does it relates to health equity. The first section states the importance of health inequalities and the necessity for a solution to decrease the health inequality gaps. Firstly, the term health inequality has a very broad definition and can be defined as the variations in health status or in the distribution of social determinants (Anonymous, 2012). Health inequality is also described as a condition which is avoidable, unnecessary, and unjust in a community (Braveman, 2014). According to Marmot (2008), health inequalities are caused due to the differences in living conditions, especially in five main domains i.e. birth, growth, living, working and age. Another term that was introduced was health equity, which is defined as a principle that is considered as a commitment to decrease disparity and in equality in the society (Braveman, 2014). Both the terms health inequality and equity are tied to each other. One of the significant similarity is that health inequalities serve as a metric (unit) to measure health equity (Braveman, 2014). For example, there should not have to be any differences between genders when accessing health care in a country without any cultural barriers and improper governance. Significantly, health inequality causes health equity andShow MoreRelatedMarketing Plan for Entrepreneur10970 Words   |  44 PagesMarket Trends 22 2.3.7 Market Growth 23 2.4 SWOT Analysis 23 2.4.1 Strengths 23 2.4.2 Weaknesses 23 2.4.3 Opportunities 23 2.4.4 Threats 24 2.5 Alternative Providers 24 2.6 Keys to Success 24 2.7 Critical Issues 25 2.8 Marketing Strategy 25 2.8.1 Mission 25 2.8.2 Marketing Objectives 26 2.8.3 Financial Objectives 26 2.9 Target Markets 26 2.10 Positioning 26 2.11 Strategy 27 2.12 Implementation 28 Read MoreSantrock Edpsych Ch0218723 Words   |  75 PagesI also wanted school based in the Froebel philosophy. Friedrich to incorporate play-based activities that would help Froebel, best known as the founder of kindergarten, them develop a deeper understanding of these believed that play is critical for healthy child develop- early Canadians. ment. Below, Debra explains how she incorporates the â€Å"As part of the unit, students were required to use Froebel methodology into her classroom instruction. their research findings to create a detailed characterRead MoreChallenges Integrating Students With Disabilities6780 Words   |  28 Pagesinstitutions in the U.S. are students who report having disabilities (NCES, 2012). Higher educational attainment is linked to increased likelihood of employment and higher incomes (U.S. Bureau of Labor Statistics, 2014); a higher level of education for people with disabilities improves the chances for them to sustain themselves financially with dignity and greater participation as citizens. The call to inclusion for academic institutions is to make programs and services accessible to all students, whichRead MoreMastering Graduate Studies 1e32499 Words   |  130 Pagessignificant part of development. As time goes on, many of those dreams are abandoned for a more â€Å"practical† life. As families are started and bills come due, people become consumed with their unique lives. However, the fact that you are reading this is proof that you have been â€Å"doing† life well, but you sense there is more to it. Few people really think deeply about their purpose in life and transcend the â€Å"doing† of life and explore the â€Å"being† of life. A â€Å"doing† life focuses on tasks, whereas aRead MoreStudy Habits6353 Words   |  26 Pagesthe virtue of the Republic Act 9083 written by the former Representative of the 1st District of Laguna, Uliran Joaquin, the School was built with the support of the Local Government of Santa Rosa led by former Mayor Leon C. Arcillas. The school has three stages of screenings composed of an Aptitude / Mental Ability Examination, Proficiency Examination and an interview and are implemented in a step-by-step format (An applicant will be ineligible to be screened in the next stage if he/she fails on theRead MoreCoffee Culture17291 Words   |  70 PagesC-uppsats i Fà ¶retagsekonomi, Fà ¶retagsekonomi 51-60 p Slutseminarium: 2007-06-07 Fà ¶rfattare: Almqvist Emma Hruzova Barbara Olsson Kajsa Handledare: Max Lundberg Preface and acknowledgement We would like to thank our tutor Max Lundberg at the section of business and engineering at the University of Halmstad for his support and comments throughout the dissertation. We would also like to thank the personnel, managers and the barista for their answers to our questions. Finally we would like to thankRead MoreMoral Development During Adolescence Essay8689 Words   |  35 Pagesphilosophers such as Rawls, Piagets’ cognitive-developmental psychology and Baldwin. From his work an understanding of moral issues such as rights and justice was developed. Hence, Moral development during the adolescent years can be defined as the way young people learn to decide what is right and wrong, which in turn forms the basis of their principles of justice(Hart Carlo 2005). Determinants of morality on adolescents have been focused on moral cognitions and socialisation agents, principally parentalRead MoreMultiple Intelligences Seminar and Workshop14464 Words   |  58 PagesHow does M.I. curriculum align with state and national standards? 7. How does technology complement the M.I. approach? 8. How do I work with my school, the parents, and the community? PART IV – Implementation 1. Key principles 2. Three types of implementation exercises 1. Learning centers 2. Simulations 3. Presentation 3. Step-by-step M.I. lesson plan guide 4. Wrap up PART V – Ways to Vary Instruction (additional) REFERENCES EXPLANATION 1.1 What isRead MoreThe Issues Of Companies Act Of 20067516 Words   |  31 Pagesdefined by the Companies Act 2006 as well as by the articles of association and the shareholders agree to be bound by it. Because there is a presence of mutual trust variable in this concept, private companies may find themselves in categories that consist of quasi partnership companies which allow the jurisdictional court to perform the exercise related to legal right with equal consideration. The element of mutual trust is also found wherein a pre-existing partnership has incorporated into a limitedRead MoreSociology Essay20437 Words   |  82 Pagesclaims for damages. Published in 2010 by: Nelson Thornes Distance Learning Delta Place 27 Bath Road CHELTENHAM GL53 7TH United Kingdom 10 11 12 13 14 15 / 10 9 8 7 6 5 4 3 2 1 Page make-up by diacriTech, Chennai, India Printed and bound in Great Britain by Berforts Group Acknowledgements The authors and publishers wish to thank the following for permission to use copyright material: Crown copyright  © material is reproduced under Class Licence No. CO1 W 0000195 with the permission of the
Posted by at No comments:

Thursday, December 12, 2019

Dioxins Essay Example For Students

Dioxins Essay DioxinasQue son Familia a la que pertenecen Estructura quimicaComo se DispersanComo se generanComo se midenQue efectos producenConclusiones. Soluciones o ideasIntroduccion:Este trabajo pertenece al proyecto grupo cuatro en ciencias del Bachillerato Internacional (IB), en el que la idea es analizar un tema mirado desde el punto de vista de una o mas ciencias al mismo tiempo. En el caso de este trabajo especificamente en el area de la fisica (sin dejar de dar resenas generales en quimica y biologia) el tema de las Dioxinas. Las dioxinas son compuestos quimicos de composicion aromatica policrorados extremadamente toxicos. Pertenecen a la familia de hidrocarburos y son producidas principalmente durante los procesos de combustion. Estan compuestas por la liberacion de cloro al quemarse, juntandose con moleculas de carbono e Hidrogeno (comunmente presentes en el aire). Por mucho tiempo se les uso como pesticida, pero ya dejaron de ser efectivas pues algunas clases de insectos, lograron transformarse para que las dioxinas no surgieran un efecto mortifero en ellos y por tanto dejaron de ser efectivas. Esto llevo a que por algun tiempo (y en la actualidad en pocos lugares en donde todavia se usa este tipo de pesticida), las dioxinas llegaron hasta nosotros no solo por el aire sino que directamente por los alimentos. Son lipofilicos, es decir solubles en las grasas y sus moleculas estan unidas por enlaces fuertes que les dan una vida media entre los 7 y los 30 anos, por esto se les llama moleculas persistentes. Existen una variedades de dioxinas, siendo las mas toxicas la 2,3,7,8 tetraclorodibenzodioxina (TCDD), la cual reune a los Dibenzofuranos policlorados, las dibenzodioxinas policloradas y los bifenilos policlorados, mas en general, hablando de dioxinas y furanos. Su estructura molecular es:Por todo esto, se puede decir que se les encuentra practicamente en todas parte, en el suelo, el aire, el agua o los alimentos diarios. Al tener una persistencia mayor al estar en contacto con agua o disueltas en grasa, siempre estaran en nuestra cadena alimenticia pues otra de sus caracteristicas es ser bioacumulativas. Como la composicion de cloro y carbono forman atomos llamados organoclorados, compuestos que no existen de forma natural y por eso los seres vivos no somos capaces de descomponerlos. Dentro e los principales danos que le hace al hombre es el de trabajar como disociador hormonal, atrofia la medula osea, desordenes nerviosos, disminuye la cantidad de espermatozoides, causa desfiguracion de la piel y hace propensa a la persona a desarrollar cancer. Desarrollo:Es comun que para reducir el volumen de basura que se tiene, se incineren los residuos y asi se ahorra espacio y dinero pues es mas barato quemarlo que dale un tratamiento masEs decir en rasgos generales, la emision de dioxinas es emitida en cualquier quema de material que contenga el elemento el cual combina sus moleculas con material organico generando estas poderosas toxinas. Por esto uno de los mayores generadores de dioxinas y furanos son las fabricas de plasticos tales como el PVC, la quema de basura (donde la gran mayoria de los materiales son plasticas) o el blanqueamiento del papel (que como es sabido, para dejarlo blanco, es necesario hacerle un tratamiento fuerte de cloro). Pero desde no hace mucho, se detecto que la emision de dioxinas tambien estaba presente en procesos con material organico en que halla combustion como es los incendios forestales o la actividad volcanica. Se supone que al ser incinerados a mas de 850C, se descomponen, pero al enfriarse los gases, vuelven a formarse. Pero en todo caso, la mayoria de los procesos de incineracion, se hacen a menos de estas temperaturas pues las instalaciones no cuentan con las caracteristicas para poder llevar a cabo este procedimiento o son inseguras. .u9e8748fa49fe72dcd8dcbd5acff8fda7 , .u9e8748fa49fe72dcd8dcbd5acff8fda7 .postImageUrl , .u9e8748fa49fe72dcd8dcbd5acff8fda7 .centered-text-area { min-height: 80px; position: relative; } .u9e8748fa49fe72dcd8dcbd5acff8fda7 , .u9e8748fa49fe72dcd8dcbd5acff8fda7:hover , .u9e8748fa49fe72dcd8dcbd5acff8fda7:visited , .u9e8748fa49fe72dcd8dcbd5acff8fda7:active { border:0!important; } .u9e8748fa49fe72dcd8dcbd5acff8fda7 .clearfix:after { content: ""; display: table; clear: both; } .u9e8748fa49fe72dcd8dcbd5acff8fda7 { display: block; transition: background-color 250ms; webkit-transition: background-color 250ms; width: 100%; opacity: 1; transition: opacity 250ms; webkit-transition: opacity 250ms; background-color: #95A5A6; } .u9e8748fa49fe72dcd8dcbd5acff8fda7:active , .u9e8748fa49fe72dcd8dcbd5acff8fda7:hover { opacity: 1; transition: opacity 250ms; webkit-transition: opacity 250ms; background-color: #2C3E50; } .u9e8748fa49fe72dcd8dcbd5acff8fda7 .centered-text-area { width: 100%; position: relative ; } .u9e8748fa49fe72dcd8dcbd5acff8fda7 .ctaText { border-bottom: 0 solid #fff; color: #2980B9; font-size: 16px; font-weight: bold; margin: 0; padding: 0; text-decoration: underline; } .u9e8748fa49fe72dcd8dcbd5acff8fda7 .postTitle { color: #FFFFFF; font-size: 16px; font-weight: 600; margin: 0; padding: 0; width: 100%; } .u9e8748fa49fe72dcd8dcbd5acff8fda7 .ctaButton { background-color: #7F8C8D!important; color: #2980B9; border: none; border-radius: 3px; box-shadow: none; font-size: 14px; font-weight: bold; line-height: 26px; moz-border-radius: 3px; text-align: center; text-decoration: none; text-shadow: none; width: 80px; min-height: 80px; background: url(https://artscolumbia.org/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png)no-repeat; position: absolute; right: 0; top: 0; } .u9e8748fa49fe72dcd8dcbd5acff8fda7:hover .ctaButton { background-color: #34495E!important; } .u9e8748fa49fe72dcd8dcbd5acff8fda7 .centered-text { display: table; height: 80px; padding-left : 18px; top: 0; } .u9e8748fa49fe72dcd8dcbd5acff8fda7 .u9e8748fa49fe72dcd8dcbd5acff8fda7-content { display: table-cell; margin: 0; padding: 0; padding-right: 108px; position: relative; vertical-align: middle; width: 100%; } .u9e8748fa49fe72dcd8dcbd5acff8fda7:after { content: ""; display: block; clear: both; } READ: Gothic Cathedrals EssayAl salir los gases resultantes de una quema por la chimenea de una industria, las dioxinas que se generan, pueden salir pegadas a la ceniza o solas, llegando a juntarse a las nubes para posteriormente caer junto a las gotas de lluvia. De no se asi, las cenizas igual caeran al suelo y las particulas que queden solas, bajaran debido a su gran masa molecular. Al final del proceso, las dioxinas caen al suelo o al agua siendo absorbidas por las plantas (ya sea por las raices o por la lluvia que cae directamente en las hojas) y la que sea al agua puede ser tomada directamente como agua por otros seres o ingresar a los distintos tipos de seres marinos. Como las dioxinas son bioacumulables, se van acumulando al pasar de uno a otro paso de la cadena alimenticia. Como el hombre se alimenta de una diversidad de animales y plantas, es el que mas dioxinas recibe. De hecho, las primeras siete formas por las que el hombre recibe dioxinas es por carnes rojas, leche, aves, huevos, etc. Es decir que cerca del 99% de la dioxina ingerida proviene de la cadena alimenticia normal de la gente. Por su alta toxicidad, la dosis tolerable por el hombre diariamente tubo que ser disminuida siendo ahora solo de 1 a 4 picogramos / kilogramo (4*10-12). En todo caso se estima que en la mayoria de los casos, las dosis diarias a lo que se ven expuesta la gente, son superiores a lo normalUno de los problemas mas dificiles a los que se enfrentan los especialistas al investigar a estas particulas, es por un lado su baja concentracion y los altos costos de las investigaciones, los instrumentos y los analisis. El factor de su baja concentracion, dificulta la investigacion en el punto que para poder hacer un seguimiento fidedigno de las concentraciones que hay por ejemplo a la salida de una chimenea de una fabrica de PVC, es necesario tomar muestras tanto gaseosas como de particulas (tales como cenizas) que salgan por el tubo. Las muestras deben ser tomadas sistematicamente y de grandes volumenes de gases o de cenizas ya que su concentracion es baja. Estas muestras quedan en uno filtros los cuales son traspasados posteriormente ya sea por lavado o por condensacion a placas especiales en donde quedan las dioxinas mas concentradas y asi poder ponerlas en un cromatografo de gases con detector de captura de electrones. Estos resultados se pueden confirmar usado una espectrometria de masas. Pero debido a su alto costo solo los paises altamente industrializados tienen estos sistmas de medicion. De hecho en Chile, la imposibilidad de presupuesto para poder investigar hace que ni siquiera exista una estadistica de la cantidad de dioxinas que hay. Por esto que el trabajo medico solo se limita a la curacion y no a investigacion o prevencion. Conclusiones:Aunque las dioxinas no son un tema del que se sepa mucho o del cual se tiene todo investigado, lo que se ha investigado de ella, es que aunque no es tan peligrosa como se creia en un principio, no deja de ser inquietante pues perjudica bastante la salud de los seres vivos, los cuales absorben la toxina quieranlo o no. Es decir es independiente del tipo de alimentacion que se tenga, la dioxina esta presente en todas partes. Como la generacion de dioxina por medio natural (vale decir incendios forestales o actividad volcanica) es bastante baja, la unica solucion que se le ve al problema es el disminuir la generacion del toxica de forma artificial. Como el PVC es el mayor generador tratar de bajar la produccion de este. Estudios han revelado que aparte de las dioxinas, el tratamiento y elaboracion de este material producen mas de 11.000 compuestos organoclorados, de los cuales la mayoria son toxico para los seres vivos. Tambien los estudios han revelado el hecho de que practicamente todos los productos o sub productos del PVC, tienen un sustituto menos contaminante y que dejan un impacto ambiental menos del que hay ahora. Como el caso de los pesticidas que son el 26% de la produccion del cloro, existen miles de otras posibilidades menos toxicas. Para disolventes, blanqueo de papel y tratamiento de aguas servidas (cerca de20% entre los tres), estan posibilidades como el agua oxigenada o la radiacion ultrav ioleta. .u6b4cfd543a05909bf07ba18e9c4dfe99 , .u6b4cfd543a05909bf07ba18e9c4dfe99 .postImageUrl , .u6b4cfd543a05909bf07ba18e9c4dfe99 .centered-text-area { min-height: 80px; position: relative; } .u6b4cfd543a05909bf07ba18e9c4dfe99 , .u6b4cfd543a05909bf07ba18e9c4dfe99:hover , .u6b4cfd543a05909bf07ba18e9c4dfe99:visited , .u6b4cfd543a05909bf07ba18e9c4dfe99:active { border:0!important; } .u6b4cfd543a05909bf07ba18e9c4dfe99 .clearfix:after { content: ""; display: table; clear: both; } .u6b4cfd543a05909bf07ba18e9c4dfe99 { display: block; transition: background-color 250ms; webkit-transition: background-color 250ms; width: 100%; opacity: 1; transition: opacity 250ms; webkit-transition: opacity 250ms; background-color: #95A5A6; } .u6b4cfd543a05909bf07ba18e9c4dfe99:active , .u6b4cfd543a05909bf07ba18e9c4dfe99:hover { opacity: 1; transition: opacity 250ms; webkit-transition: opacity 250ms; background-color: #2C3E50; } .u6b4cfd543a05909bf07ba18e9c4dfe99 .centered-text-area { width: 100%; position: relative ; } .u6b4cfd543a05909bf07ba18e9c4dfe99 .ctaText { border-bottom: 0 solid #fff; color: #2980B9; font-size: 16px; font-weight: bold; margin: 0; padding: 0; text-decoration: underline; } .u6b4cfd543a05909bf07ba18e9c4dfe99 .postTitle { color: #FFFFFF; font-size: 16px; font-weight: 600; margin: 0; padding: 0; width: 100%; } .u6b4cfd543a05909bf07ba18e9c4dfe99 .ctaButton { background-color: #7F8C8D!important; color: #2980B9; border: none; border-radius: 3px; box-shadow: none; font-size: 14px; font-weight: bold; line-height: 26px; moz-border-radius: 3px; text-align: center; text-decoration: none; text-shadow: none; width: 80px; min-height: 80px; background: url(https://artscolumbia.org/wp-content/plugins/intelly-related-posts/assets/images/simple-arrow.png)no-repeat; position: absolute; right: 0; top: 0; } .u6b4cfd543a05909bf07ba18e9c4dfe99:hover .ctaButton { background-color: #34495E!important; } .u6b4cfd543a05909bf07ba18e9c4dfe99 .centered-text { display: table; height: 80px; padding-left : 18px; top: 0; } .u6b4cfd543a05909bf07ba18e9c4dfe99 .u6b4cfd543a05909bf07ba18e9c4dfe99-content { display: table-cell; margin: 0; padding: 0; padding-right: 108px; position: relative; vertical-align: middle; width: 100%; } .u6b4cfd543a05909bf07ba18e9c4dfe99:after { content: ""; display: block; clear: both; } READ: Michael Jackson EssayEn el caso de las incineraciones de productos, es realmente necesario que se vea si no hay formacion de nuevas particulas (a veces incluso mas toxicas que las del comienzo de la quema) las cuales al ser tan fuertes, no se desasen sino que simplemente pasan a traves de las paredes de los hornos generando mayor cantidad de metales pesados. Ademas se debe ver el impacto a mediano y largo plazo que tendran dichas emisiones en algun tiempo mas. La solucion es intentar optimizar al maximo la incineracion de plasticos y de intentar reducir lo mas posible el uso y fabricacion del PVC, (tratando se usar sustitutos menos contaminantes y reciclables como el PET), con esto intentar primero frenar la creciente produccion de dioxinas y luego intentar remediar el dano hecho hasta ahora. Para su prevencion se debe intensificar la vigilancia y las medidas que vigilen a las industrias que trabajen el PVC o la celulosa, pues si el ciclo de incineracion no alcanza la temperatura necesaria (850C), la principal receptora de las dioxinas sera el aire y luego nosotros. Creo que esta investigacion fue muy satisfactoria pues nos permitio conocer mas acerca de un tema poco estudiado y descubrir nuevas cosas. El hecho que n halla mucha informacion, fue dificil en un comienzo, pero tambien es bueno saber que uno puede aportar con un poco (por muy pequeno que sea el aporte) al mejoramiento de la naturaleza, el cuidado del medio ambiente y el investigar un poco mas respecto a este tipo de temas. Por ultimo creo que es realmente importante tomar medidas al respecto pues si no cuidamos la tierra en que vivimos, no se podra esperar un mejor futura par nuestro hijos y las generaciones futuras en general.
Posted by at No comments:

Wednesday, December 4, 2019

Cyber Threat Vulnerabilitie Place Federal â€Myassignmenthelp.Com

Question: Discuss About The Cyber Threat Vulnerabilitie Place Federal? Answer: Introduction Information System has become a very important infrastructure in any company across the world. The survival of most companies today is based on the security of their information system. However, there has never been an integrated model that has the capacity to access the possible security risks and effectively protect the information as well as the assets. Information systems such as emails, messengers, e-commerce, chatting, and m-commerce via the internet, are increasingly exposed to cyber security accidents (Bagchi, 2017). In order to ensure effective performance of any information System, a company must invest in securing the system. In addition, a proper risk management system must be put in place. This can only be done through the employment of several distinct measures. It is indisputable that there is a continued need to secure information systems (IS) (Anton, Anderson, Mesic, Scheier, 2004). There have been increased incidences of IS security and risks (Kaschek, Kop, Claudia, 2008). Information system security and risk management require continuous assessment of any risk that may be exposed to the system. Discovery of any risk should be prevented within the shortest time possible. The major component of Information system security is risk management process (Pfleeger Pfleeger, 2012). The process should be incorporated alongside risk assessment. The process of risk management should be done through the installation of preventive measures of future security problems to the system. SI risk assessment practice is in compliance with the security standards that have been set by HIPAA as well as CEISP. Risk assessment enables organizations to determine risk levels that are acceptable to them. They are then able to set appropriate security requirements. Investigation, tools, and techniques According to Information System (IS) security experts, one of the main techniques of risk management process is a risk assessment. The assessment should be done by professionals who are well trained and can easily identify risks in the information system before the system becomes vulnerable. Risk management refers to continuous a process that involves analysis, planning, monitoring and implementation of security measures of an information system (Kovacich, 2003). The process has since become a policy in most organizations across the world. Risk assessment which is a type of risk management process is executed in an interval of time. It can be done on yearly basis or on demand, based on the security requirement of the given Information System. It is important to note that risk management is a process that entails a sequence of events and activities. There are structuring and re-configuration processes that are involved in risk management. Organizations often tend to generate instantiations that are favorable to them. It is necessary to conduct an assessment of an organizations IS the security controls from time to time. However, the continuous assessment cannot fully secure an information system (Tipton Nozaki, 2012). A fully secure system demands for continuous monitoring of the system. A development life cycle of the system should also be put in place to monitor the effectiveness of the system over time. One technique that Hewlett-Packard Company uses for securing the system is through continued monitoring of the systems security details. In addition, all the changes that are made to the system are documented so that there is a reference whenever there is a security threat to the system. Reference can also be made when a risk is discovered in the information system (Jones Ashenden, 2005). Based on the result of security assessment report, remediation actions would be conducted at a later stage. The final security status is reported to the officials who are in charge of the system. HP company management has made effort and ensured that there is periodic review of the information systems security status. The security techniques are based on the guidance of NIST SP800-37. The company has come up with their own approaches that they use in managing their information systems and the possible changes that may be associated with them. Responsibilities of an owner of the information system would be greatly reduced if configuration management is done so that there is only one common security control. However, HP is a multinational company and has the financial capacity to employ enough personnel who can effectively manage their systems. In addition, Hewlett-Packards information system administrators have accorded priority to volatile security controls in the system since they h ave a greater impact in any organization (Alberts Dorofee, 2002). Risk analysis matrix and control It is almost impossible to develop an integrated security model that can be used to address all the risks associated with an information system (Bidgoli, 2016). The proposed risk analysis matrix is through adaptation of software risk management. One of the attributes of software quality is the software itself. The security risk should, therefore, be investigated in terms of the software risk. Security risk refers to the damage or attacks that are made towards an information system. According to the risk analysis matrix, damages that are made on the assets of any organization as a result of cybersecurity can be categorized according to the vulnerability and threats to the assets. The security analysis matrix shows four steps involved in the security risk analysis. In the first step, assets, vulnerabilities, and threats of a given organization are identified. They are then evaluated. The resultant outputs are finally used to carry out security risk analysis. Finally, risk mitigation measures are put in place to reduce, and where possible eliminate threats that the assets may be exposed to. The mitigation measures, therefore, play a very crucial role in minimizing security risks. Domain analysis which is the first step of customizing security risk analysis is meant to improve the accuracy of the model. The threats, assets, and vulnerabilities are therefore analyzed based on their domains (Kramer, 2013). For example, information systems of a financial institution are completely different from those of a financial institution or a learning institution. The analysis that follows is that of classification of the assets, vulnerability and the threats. Assets can be classified as data, documents, software, hardware, and circumstances. Threats may be classified as human or non-human, network or physical, accidental or deliberate and technical or environmental (Dacey, 201 0). The vulnerability may also be classified based on administration, personnel, physical circumstances, technical hardware, and software. Based on these arguments, the product of loss or damage and the probability is equal to security risk (Dacey, 2010). Loss x probability = Risk The risk in this scenario is the reduction in value of an asset when the asset becomes vulnerable. Probability refers to the chance of occurrence of a threat. Security risk matrix Likelihood of risk Extremely high Medium Generally low Risk impact High Failure to secure the password to the companys server Failure to audit the companys information system Missing security indicators on the server Moderate Failure to secure the companys wireless internet from unauthorized use Usage of un-updated antivirus and firewalls Failure to back up the companys external servers Low Failure to frequently change the password to the server Failure to secure the servers backup Provision of weak passwords to third parties Analysis of relevant threats and vulnerabilities The first step of any analysis of threats and vulnerabilities is the identification of threats that could expose vulnerabilities of an information system. The identification can be done through consideration of the connections and dependencies of the system. In addition, inherited risks, software faults, controls, incorrect file permissions and personal changes must also be closely monitored. Possible vulnerabilities that are associated with every threat are then considered. There is the possibility of a vulnerability being associated with a series of threats if not just one threat. Inputs are then collected from past risk assessments, security advisories, security test results, audits among many others. Disaster Recovery (DR) plan The success of any disaster recovery plan is determined by how well the design is. It is, therefore, necessary to ensure efficient operations during disaster recovery (Kim Solomon, 2016). The recovery should start with a strong defense that provides border protection. The defense should be provided by an external firewall that borders the services of VPN and the router (Velliquette, 2004). Hewlett-Packard has installed an external firewall to their VPN and all their routers. All the three have configurations that have the capacity to transverse all the boundaries of the organization or company (Swanson, 2011). Firewall is the main component of the security infrastructure of any information system. Computer security network should incorporate firewall that incorporates hardware specifications as well as software specifications. Issues of redundancy and physical security should also be taken into account. There should then be an approach plan for fulfilling the primary needs of the or ganization or company in the course of disaster recovery (Velliquette, 2004). Meanwhile, the management of the company should certain their prioritized services so as to secure their systems further. In addition, companies should sign against the limited functionalities during disaster recovery (Velliquette, 2004). The management of HP has equally made that as a rule to be followed by its staff in charge of information system management. Any recovery approach that has been agreed upon should be configured with the perimeter defense such that the perimeter defense would automatically shift to the state of pre-disaster just before any normal operation. The current policy of the company should be considered during the development of the firewall contingency plan. Security modules such as A CERT can be used to test the disaster policy of many firewalls. A method should be implemented to monitor traffic that moves from pre-disaster state to post-disaster state. The method can be tested with the use of relevant data from the very company. A border router that has packet filtering can be used in non-application type of vulnerabilities. Proposal for a contingency plan Information System plays a very important role in the world today. It should, therefore, be in a position to operate without any disruption (Khosrowpour, 1996). A contingency plan is intended to set back the system back into operation whenever there is a disruption. Most of the disruptions are as a result of security risks. The plan simply revolves the acronym of the system and then sets the information system back into operation. A robust contingency plan should incorporate ISCOs and other disaster recovery plans (Kovacich, 2003). Hewlett-Packard company has recovery disaster plans which is in accordance with International security management Acts. The company has incorporated a disaster recovery that can be used to retrieve its information systems acronym in the event of any disruption An established plan that consists of the recovery phase, activation phase, and reconstitution phase should be maximized (Kovacich, 2003). Thereafter, resources and procedures should be identified. They would assist in maximizing the effectiveness of the operation. Responsibilities should be assigned to facility personnel. They would provide further advice that would be of great benefit in the recovery process. Finally, there should be cooperation among all the persons who are involved in the Contingency planning (Swanson, 2011). There should also be a coordination of external points and associated vendors. Furthermore, the owners of an Information system must support the development of a proper ISCPs. The developed ISCOs would be meant for those Information Systems that are ranked much higher. Hewlett-Packard, being a renowned world leading electronics company, the company management has taken all these measures in securing and managing their information systems. Analysis and report on Controls How tools are used in the organization with reference to OSI layers The very first step that should be considered when securing information is the elimination of any information leakage. The information resources should never be compromised at any cost. The physical layer of OSI model explains that obvious things should never be considered as being obvious. In many occasions, technologists have failed to realize that simple measures are equally very important in life (Pace, 2004). Hewlett-Packard Company for an instant has put in place stringent measures to secure leakage of information from the company. Simply obtaining a clue of a resource is enough to declare it as one that has been compromised. There should a proper plan for recovering information in the event that the information data is compromised. A good recovery plan is judged based on its success in the event that information resource has been compromised. There are some harmful tools towards OSI model. However, the problem can be eliminated through an analysis. The network layer of an OSI model is where routers and firewalls operate. The layer provides the best path that links a destination to the source. It is also within the layer that IP addresses are provided so that variables or systems can be uniquely identified. A system that is connected to the internet has an IP address. The address provides a way such that there is contact between the outside world and the system. In order to find a system on the internet, it is a requirement that one has to know the specific public IP address of the system. The same applies to applications. Security of the system is therefore increased through the configuration of the IP addresses such that one cannot easily compromise. Just like other world leading companies, Hewlett-Packard Company has configured their IP address. In addition, they have encrypted all their services to further enhance the security of their information system. The encryption service symbolizes the presentation layer of OSI layer. The technique scrambles all the available content. Encryption provides a sophisticated special code. One must, therefore, reveal the code before h e or she can access the system. The application layer of OSI points towards applications that are based on end-user products. The layer supports authentication and use of other applications (Pace, 2004). The commonly used authentication at the level is a password which is assigned to a unique ID. An individual must key in the unique ID alongside a password in order to access information data. Failure to present the unique ID and a correct password mean that the individual would not have access to the system. It, therefore, reinforces the security of the system since it eliminates people who are not supposed to access the system. An account can be redesigned so that it adheres to a policy. For example, it can specify the length of the password, a combination of letters, digits and or even special characters. The duration over which one can use a password can equally be altered. Such move would simply increase the security level of the system network (Pace, 2004). Organizational units covered by the security policy The information system has security policies that must be observed in every company. At Hewlett-Packard Company, there are users who have been assigned appropriate policy rights. The users are the only ones who are able to modify the security policy of the company. If a new computer if brought into the company domain, then the security policy of the domain would apply to the new computer (Brotby, 2009). The policy of the domain overrides any change that an individual may make to the system at the level of computer desktop (Syngress, 2003). Security policy is a preserve of computers. There are also security groups which are in use in the company by many employees. Security policy enables an individual to apply a given security profile to several computers that are meant to be secured. On the other hand, security group provides standardized rights that are to be adhered to by all the members of a given group. Organizational units can be regrouped to form logical units that are to be used by the users, resource objects and groups as well. The adjustment is always done through a hierarchy which is nested within a domain (Johnson, 2014). Organizational units that are based on a given domain operate independently. Every domain, therefore, has the capacity to fulfill the demands of its own hierarchy. Similarly, domains that are coordinated from one central authority can employ common organizational unit hierarchies. Business Contingency Plan (BCP) based on the risk plan It is sound superfluous for a company to plan for disaster when all its systems are smoothly functioning. Despite that, some degree of care must be undertaken. Hewlett-Packard Company uses logic manage and cloud based tools as its business continuity tools. The tools are able to retrofit all the companys data in case of disaster and then load it back to the system. All gaps would hence be eliminated. The business continuity plan hence foster confidence among the managers of the companys information system. In addition it increases their efficiency and encourages them to embrace innovation. Best practices in security risk management Best practices are necessary for ensuring that the information system of a company is completely secured. Some of the best practices include; Expertise should be considered when choosing the individuals in charge of managing the companys information system. The chosen personnel should avoid access to the companys security controls. The individuals should also have been certified by international associations in charge of privacy such as CIPM or CIPP among others (Brotby, 2009). Business associates of the company must adhere to security and privacy requirements of the same level. They must also comply with HIPAA The management of information system of the company must regularly provide an audit report of the system and recommendations. The report should be detailed detailing all possible vulnerabilities. Conclusion Effectiveness in the performance of a given information system is based on its management. There are several security risks that Information systems are exposed to. Managers of organizations and companies must, therefore, invest in securing the information systems. A completely secure system is free from threats and vulnerabilities. There is no process that has the capacity to shield an information system from all possible security risks. As such, every organization must employ a contingency plan. In addition, there must be a recovery plan that can be used in case the information system is attacked. References Alberts, C. J., Dorofee, A. J. (2002). Managing Information Security Risks: The OCTAVE Approach. Addison-Wesley Professional. Anton, P. S., Anderson, R. H., Mesic, R., Scheier, M. (2004). Finding and Fixing Vulnerabilities in Information Systems: The Vulnerability Assessment and Mitigation Methodology. Rand Corporation. Bagchi, N. (2017). Management Information Systems. Vikas Publishing House, Bidgoli, H. (2016). Handbook of Information Security, Threats, Vulnerabilities, Prevention, Detection, and Management. John Wiley Sons. Brotby, K. (2009). Information Security Governance: A Practical Development and Implementation Approach. John Wiley Sons. Dacey, R. F. (2010). Federal Information System Controls Audit Manual (FISCAM). DIANE Publishing. Johnson, R. (2014). Security Policies and Implementation Issues. Jones Bartlett Publishers. Jones, A., Ashenden, D. (2005). Risk Management for Computer Security: Protecting Your Network and Information Assets. London, UK: Butterworth-Heinemann. Kaschek, R., Kop, C., Claudia, S. (2008). Information Systems and e-Business Technologies: 2nd International United Information Systems Conference, UNISCON 2008, Klagenfurt, Austria, April 22-25, 2008, Proceedings. New York: Springer Science Business Media. Khosrowpour, M. (1996). Information Technology Management and Organizational Innovations: Proceedings of the 1996 Information Resources Management Association International Conference, Washington. Idea Group Inc (IGI),. Kim, D., Solomon, M. G. (2016). Fundamentals of Information Systems Security. Jones Bartlett Publishers. Kovacich, G. L. (2003). The Information Systems Security Officer's Guide: Establishing and Managing an Information Protection Program. Butterworth-Heinemann. Kramer, J. (2013). The CISA Prep Guide: Mastering the Certified Information Systems Auditor Exam. John Wiley Sons. Pace, K. A. (2004). Global Information Assurance Certification Paper. SANS Institute. Pfleeger, C. P., Pfleeger, S. L. (2012). Analyzing Computer Security: A Threat/vulnerability/countermeasure Approach. Chicago: Prentice Hall Professional. Swanson. (2011). Contingency Planning Guide for Federal Information Systems. DIANE Publishing. Syngress. (2003). MCSA/MCSE Implementing, Managing and Maintaining a Microsoft Windows Server 2003 Network Infrastructure (Exam 70-291): Study Guide and DVD Training System. Syngress. Tipton, H. F., Nozaki, M. K. (2012). Information Security Management Handbook, Sixth Edition, Volume 6. CRC Press. Velliquette, D. (2004). Computer Security Considerations in Disaster Recovery Planning.Retrieved from https://www.sans.org/reading-room/whitepapers/recovery/computer-security-considerations-disaster-recovery-planning-1512. GIAC Security Essentials Certification. Wilshusen, G. C. (2009). Information Security: Cyber Threats and Vulnerabilities Place Federal Systems at Risk: Congressional Testimony. DIANE Publishing.
Posted by at No comments:
Subscribe to: Posts (Atom)