User Account

All Pages

Review the essential elements of a security strategy

Assignment Help Computer Network Security
Reference no: EM131812629

Assignment

As an IT professional, you'll often be required to communicate policies, standards, and practices in the workplace. For this assignment, you'll practice this important task by taking on the role of an IT professional charged with creating a memo to communicate your company's new security strategy.

The specific course learning outcomes associated with this assignment are:

• Analyze the importance of network architecture to security operations.
• Apply information security standards to real-world implementation.
• Communicate how problem-solving concepts are applied in a business environment.
• Use information resources to research issues in information systems security.
• Write clearly about network security topics using proper writing mechanics and business formats.

Preparation

1. Review the essential elements of a security strategy

A successful IT administration strategy requires the continuous enforcement of policies, standards, and practices (procedures) within the organization. Review these elements to see how they compare:

Policy: The general statements that direct the organization's internal and external communication and goals.

Standards: Describe the requirements of a given activity related to the policy. They are more detailed and specific than policies. In effect, standards are rules that evaluate the quality of the activity. For example, standards define the structure of the password and the numbers, letters, and special characters that must be used in order to create a password.

Practices: The written instructions that describe a series of steps to be followed during the performance of a given activity. Practices must support and enhance the work environment. Also referred to as procedures.

2. Describe the business environment

You are the IT professional in charge of security for a company that has recently opened within a shopping mall. Describe the current IT environment at this business. You can draw details from a company you work for now or for which you have worked in the past. You'll need to get creative and identify the details about this business that will influence the policies you'll create. For example, does the company allow cell phone email apps? Does the company allow web mail? If so, how will this affect the mobile computing policy? Describe all the details about this business environment that will be necessary to support your strategy.

3. Research sample policies

Familiarize yourself with various templates and sample policies used in the IT field. Do not just copy another company's security policy, but rather learn from the best practices of other companies and apply them to yours. Use these resources to help structure your policies:

• Information Security Policy Templates

• Sample Data Security Policies

• Additional Examples and Tips

Example 1: XYZ Inc. Company-Wide Employee Password Strategy

Policies

•All users must have a password.
•Passwords must be changed every six months.

Standards

•A password must have a minimum of six characters.
•A password must have a maximum of 12 characters.
•A password must contain letters, numbers, and special characters other than $.

Practices-Employee

•Create a password. The UserID should be an EmployeeID already generated by HR.
•Send a request to create the account to the Information Technology (IT) department.
•User receives a temporary password.
•Users must change their temporary password the first time they log in.

Example 2: Security Policy and Standards

Password Policy: Passwords are an important part of computer security at your organization. They often serve as the first line of defense in preventing unauthorized access to the organization's computers and data.

In order to define the password policy, it is important to identify the standards.

1. Multi-factor authentication
2. Password strength standard
3. Password security standards; how to keep the password secure

Tips and Points to Consider When Identifying Risks or Security Vulnerabilities

•Flaws in operating systems due to constant attack by malware
•Denial of services attacks
•Employees data theft
•User set a weak password or password that is easy to guess, such as a birthday or child's name.
•User leaves sensitive data on an unlocked, unattended computer
•Organization allows sensitive data on a laptop that leaves the building
•Data can be accessed remotely without using proper security

Memo Outline

Network Security Associates of Atlantis, Inc. 123 Watery Lane
Atlantis, USVI 91199

From: IT Security Dept. Re: Security Policy

Section 1: General Policies and Motivation
Section 2: Passwords
Section 3: Biometrics
Section 4: Tokens
Section 5: Physical Security
Section 6: Email Policies
Section 7: Breach Reporting Responsibilities
Section 8: Mobile Policy and BYOD (Bring Your Own Device).

Reference no: EM131812629

Questions Cloud

Does the swot relate to strategic assessment : What advice would you give them on analyzing the results of the SWOT analysis? Does the SWOT relate to strategic assessment? How?
List the outcomes that correspond to the statement : List the outcomes that correspond to the statement "All the coins are heads." List the outcomes that correspond to the statement "Not all the coins are heads."
Literature review - diabetes treatment technologies : How can technology and awareness TECHNIQUES assist a parents of youth type one diabetics - Methodological consecrations for using actor network theory (ANT)
What are your thoughts about the validity of a strengths : What are your thoughts about the validity of a strengths, weaknesses, opportunities, and threats (SWOT) analysis in strategic planning?
Review the essential elements of a security strategy : Analyze the importance of network architecture to security operations. Review the essential elements of a security strategy.
Identify regulatory bodies or industry regulations : Identify at least three regulatory bodies or industry regulations that specify certification, licensure requirements, or scope of practice for your specialty.
Compare two different advanced registered nurse roles : Compare two different advanced registered nurse roles with regard to ethical guidelines.
Separate overhead into fixed and variable components : Separate overhead into fixed and variable components using regression analysis. Run seven regressions by using different combinations of three independent
Discuss the prevalence of each of these health problems : Choose three health issues that regular physical exercise and activity can help prevent and manage.

Reviews

Write a Review

Computer Network Security Questions & Answers

  Discuss the description of the code and its purpose

Create a PowerPoint slide for each code. Each slide should discuss the description of the code, its purpose, and how it will impact the completion of the cable plant within the new building.

  Project - security plan for a general support system

CSIA 413: Cyber Security Policy, Plans, and Programs. Research and then draft the required system security plan for a General Support System

  Dscribe three 3 ways in which businesses use internet

assume that you were recently hired by a manufacturing company as a systems administrator trainee. your first

  A network-based attack and client-based attack

Imagine working for an organization in which you were assigned to protect mission critical cloud-based Web applications that several of your third-party customers need to have access to on a regular basis.

  Define cybercrimes and computer security

Evaluate how teamwork and leadership are effective tools for financial forensic investigations. Provide support for your evaluation.

  How will cross-forest trusts be implemented

CMIT-371 Windows Network ServicesProposal- How will Forest Functional Levels be implemented? How will cross-forest trusts be implemented? How will replication be handled? Read-Only Domain Controllers - how and where will they be used?

  Ow does smart grid concept impact cybersecurity discussion

What do you think are the current issues facing our power grids to defend against attacks? And, how does the Smart Grid concept impact the cybersecurity discussion?

  Security suppose you have recently responded to your first

suppose you have recently responded to your first computer forensic incident based on the results of your investigation

  What types of risks or vulnerabilities could be transferred

What types of risks or vulnerabilities could be transferred from a supplier and/or imposed upon a purchaser of cyber security related products and/or services?

  What is the difference between inference and aggregation

What is the difference between inference and aggregation? Give an example of each, and describe at least one way to mitigate each type of vulnerability.

  Explain the meaning the terms granularity

In reference to access control explain the meaning the terms "granularity". Discuss the trade-off between granularity and efficiency.

  Determine troubleshooting steps it support technician follow

Determine at least two troubleshooting steps an IT support technician should follow to find a solution to a general network printing issue.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd