Information Overload: Modern Design of Information Security Framework, Speech Example

INTRODUCTION

  • Today, information technology and the Internet have remarkably increased the amount of information the users and employees access and process daily in their corporate environment (Juvvadi, 2003). Information is easier to obtain because of the different ways it can be acquired. But, since it is kept in separate, sometimes disconnected and unorganized facilities, it results in a huge volume of data which causes in “information overload” in the corporate systems.
  • Xiao, Jones and Lymer presented a study in which they indicated that as internet has rapidly evolved and entered into every field of life, it has great significance to financial reporting also (2005). In future, the use of internet can affect the financial reporting systems in many ways that are needed to be explored.
  • Email is a main reason for information overload in corporate environments. However, it is not the single factor. The modern corporate has large websites with information and pages increasing each month. Most of the information is kept in an unorganized, disconnected manner; corporate businesses often make their important business decisions by using this incomplete and out-dated data.

THESIS STATEMENT

Owing to the vast amount of information stored in today’s modern systems we are in danger of creating an information overload; the concept of paralysis by analysis. As such it is arguable that we need to take steps to retain only meaningful and useful information

FRAMEWORK FOR VISUALIZATION SYSTEMS

  • A modern Framework – A Modern Design of Information Security Framework. It shows how the security data passes through a number of different stages like preprocessing, pre-filtering, post-filtering, encoding, and then finally appears on the visualization screen. On viewing the visual display, the users can log the results and obtain customized reports.
  • A comprehensive Information Security framework. Identified components include the following:
    • Inputs – The inputs might be of different types from an extensive array of data quality, ranging from unprocessed data to super-refined semantic data.
    • Pre-filtering – With pre-filtering process, the users will be able to select the specific or required sub-category of records or fields for the next processing resulting in the less use of system resources.
    • System Storage – This type of storage is not mandatory and can be bypassed in cases in which interactivity is minimal and process is not needed
    • Post filtering and encoding – Filtering and encoding are twisted together and makes a loop. Prior to the process in the graphics engine and subsequent visualization, users are able to make selection about the information they want to see and the way of representation
    • Graphics and Visualisation – The visualizations present the information in various ways as they use numerous information visualization methods.
    • Visual Logging – Visual logging and reporting are of great significance, especially the reporting section; this allows sharing results with other experts, users, and administrators
    • IDS Rainstorm – IDS RainStorm shows general representation of alarm information, enabling system administrator to analyze the network status and easily find anomalies
    • Glossing – Glossing actuates when a cursor is pointed over any graphic or any textual area showing more details. In a zoom display, when pointed on any alarm glyph, gloss opens up containing details like the type of alarm, time, origin, and related IP address.
    • Filtering – Filtering option is available in both view schemes i.e. overview and zoom views.

 

A comprehensive security framework boils down to three familiar basic components: people, technology, and process. (Patil,J.2008)

 

CONCLUSIONS

  • Images play a vital role in modern frameworks in order to depict the activities that have been accomplished on the system during the day.

 

  • Visual information of the security on a system is required in order that a holistic representation of the entire system activity may be fully realised.

 

  • System Administrators have in recent years had to take on a more global perspective . This means taking a more holistic view of security and risk management with the view that a common set of procedures and standards are implemented, monitored and enforced across the entire international corporate network. Such a task is a major undertaking and many of the larger Banks have found it cheaper (by economies of scale) to subcontract this work to that of specialist security firms.

 

  • The images provide a frame of reference for an administrator to view how the activity of the entire day has been. If any day the system administrator finds some variation, he can look into it more to check whether the deviation is anomalous. For a system administrator, comparison of the two images is a much easier task as compared to comparison of text logs.

 

  • Today, for the corporate environments, information visualization of their security-related data is highly essential to ensure more security of their computers, servers, and networking. It is a both artistic and scientific work that requires professional capabilities related to graphics, information visualization, user interface development, and security communities to display the raw information into clear, useful and significant information and contents

 

  • Generally, the flood of information is managed by roughly created statistical methods, textual views, and old graphical methods and sometimes by by-passing big amount of information

References

International Organisation of Supreme Audit Institutions. (1995). Information System Security Review. New York: International Organisation of Supreme Audit Institutions.

Patil, J. (2008). INFORMATION SECURITY FRAMEWORK: CASE STUDY OF A MANUFACTURING ORGANIZATION. Mercy College.