Information Systems - Risk Management wk3 Essay Example | Topics and Well Written Essays - 750 words

Information Systems - Risk Management wk3 - Essay Example the challenge it can provide for securing an environment, The User Domain, one of seven domains in an IT infrastructure, is considered to be the domain most at risk for attack and compromise, primarily due to the inherent weakness of the human interaction element. There are several types of attacks on the User Domain that are prevalent, as they can be quite successful against an uninformed or untrained employee. Unnecessary access to User Domains can allow segmentation of various groups peeking into confidential data. Imagine a scenario in which the sales department can look up salaries in HR. This is an unsafe practice and can be mitigated by giving each department its own VLAN. Tipton (2005) Before studying User Doman, it is crucial to understand the essence of user domain. The whole focal point of User Domain is to ensure that segregation of duties is conducted in computer’s main frame. Before attempting to observe the issue, it is essential to understand the focal point of user domain itself. In essence, user domain is defined  as set of objects that allow a user to have controls and permissions. In essence, user domains can overlap. Tipton (2005) Another element of user domains is the fact that is allows users to possess segregation of duties. Segregation of duties allows users to have separate domains and grant permissions. User domains can range from simple user access accounts or it can be a specific domain such as sales, marketing, and managers. In the computing world, the weakest link in user domain is a user that has the least privilege. In essence, the weakest link is based on a hierarchy model in security policies and implementation issues. The weakest link can also be a possible vulnerability that can be exploited. A huge flaw in providing securities even with one’s own organization is outside threats. It is clear that many organizations are in this danger as they constantly battle outside risks on daily basis. For instance, denial of service and