Axia College Material
Information Security Policy
Student Name: Brice Washington
IT/244 Intro to IT Security
Instructor’s Name: Professor Smith
Table of Contents
1. Executive Summary 1
2. Introduction 1
3. Disaster Recovery Plan 1
3.1. Key elements of the Disaster Recovery Plan 1
3.2. Disaster Recovery Test Plan 1
4. Physical Security Policy 1
4.1. Security of the facilities 1
4.1.1. Physical entry controls 1
4.1.2. Security offices, rooms and facilities 1
4.1.3. Isolated delivery and loading areas 2
4.2. Security of the information systems 2
Threats to the system would be hackers looking to disrupt our system and/or steal sensitive data. There are also natural threats like fires or power outages that can threaten the safety of our data as well.
With the proper implementation, we’ll be able to protect both our physical systems and logical systems and continue to grow as a business. The following information will hopefully help Bloom Design install a good information security policy.
1 Company overview
As relates to your selected scenario, give a brief 100- to 200-word overview of the company.
The Bloom Design Group offers interior design services to business and individual customers all over the world. Bloom has two offices, one in New York and one in Los Angeles. Bloom Design allows for customers to go on their website and experiment with different color designs and arrangements. Interior designers can access the site for client files, style guides and to order new materials. The designers can use a password to access the Bloom site so that they can do their business. The company also has a secure virtual private network or VPN that employees access remotely so they can work anytime anywhere.
2 Security policy overview
Of the different types of security policies—program-level, program-framework, issue-specific, and system-specific—briefly cover which type is appropriate to your selected business scenario and why.
For Bloom Design, I would use program specific policies. Program specific policies address areas of programme implementation company wide. Program framework covers everything from internet browsing to email policies. With a program framework policy we’ll state security goals and how we’ll achieve them. Program framework policy defines the elements that form the basis of the security program. I feel like this is the best choice because it will cover Bloom Design’s basis in many different aspects.
3 Security policy goals
As applies to your selected scenario, explain how the confidentiality, integrity, and availability principles of information security will be addressed by the information security policy.
With a program framework policy designers access the Bloom website through a secure login. This way, only designers who know the passwords will be able to access client files and company style guides. This means designer’s designs, guides, and client details will remain confidential.
Give a brief overview of how the policy will provide rules for authentication and verification. Include a description of formal methods and system transactions.
When a designer wants to access the site for client files or to upload new designs or access client files the integrity of the information is maintained by the person accessing the information. Clients would be able to access the design...