Security Policy Essay

304 words - 2 pages

Riordan Manufacturing Security Policy

Smith Systems Consulting has been hired to evaluate and consult on the creation of a new information technology security policy to span the complete enterprise infrastructure. This document will serve as a recommendation for Riordan Manufacturing as it pertains to the enterprise wide information security strategy. Riordan Manufacturing currently has three locations within the United States and one location in Hangzhou, China. All of these locations ...view middle of the document...

An evaluation of the enterprise infrastructure as a whole, as it pertains to information technology security, was also conducted. These evaluations were the starting point for Smith Systems Consulting to design a security strategy to best fit Riordan Manufacturing. The existing security policy consists of location-based data access to on-site servers and on-site access to Unix servers for ERP and MRP systems. Also, it was evident that there are a number of servers and data to be accessed from different operating systems that are deployed throughout the locations. The management of the existing security strategy is one that requires each individual to be assigned access permissions manually throughout their term of employment. This strategy is commonplace in the industry, but requires the IT staff to manage each user individually. Therefore, our results of the evaluation were positive with respect to overall security, but management of the user access is costly and time consuming. With these results in mind, we propose a security policy base on Role Based Access Controls (RBAC).
Role Based Access Controls allows companies to assign roles to users within the same department that need access to the same data.

Other assignments on Security Policy

Nt 2580 Testing And Monitoring Essay

309 words - 2 pages Testing and Monitoring Security Controls Identify at least two types of security events and baseline anomalies that might indicate suspicious activity. Authentication failures and unauthorized access attempts can be found in the log files. They contain complete records of all security events (logon events, resource access, attempted violations of policy, and changes in system configuration or policies) and critical system events (service

Byod Pr Cope? Essay

699 words - 3 pages party, to ensure compliance with organization policy, handle mobile security, and separate between ‘business’ and ‘personal’ usage of the device. MDM services are also required in COPE. Furthermore, IT helpdesk may be inefficient under BYOD policy ; with a wide range of devices used and no standard device policy, help desks may either be less productive due to inability to support devices, or take longer time to complete services due to inexperience

Unit 9 Lab Recommend It Security Policies To Help Mitigate Risk

350 words - 2 pages to school computers - Open connections on the WLAN. - The principals traveling notebook can carry a virus - wireless access security 3. Given the potential risks that you identified, what IT security policies would you recommend be created by the school to help mitigate each of the identified risk exposures you listed in #above? I would say create an AUP and a policy that implements the encryption of the file servers. First and


315 words - 2 pages ensure confidentiality by implementing__________? 9) Encrypting e-mail communications is needed if you are sending confidential information within an e-mail message through the public Internet? 10) Using security policies, standards, procedures, and guidelines helps organizations decrease risks and threats? 11) A data classification standard is usually part of which policy definition? 12) The SSCP professional

Case Study: Creating An Ids Policy

831 words - 4 pages SEC280 Week 6 Assignment – Joseph Ercole Case Study: Creating an IDS Policy. As the need to secure corporate networks continually increases, the task of ensuring the security of sensitive company data so that it is not compromised becomes increasingly difficult with each day. Gem Infosys, a small software company, has decided to secure their computer systems. The organization uses ten PCs and a broadband connection to the Internet. The

Information Systems Security

286 words - 2 pages Colten Ruff 4/24/13 Information Systems Security Unit 4 assignment 1- Enhance an Existing IT Security Policy Framework 1.0 Purpose The purpose of this policy is to define standards for connecting to Richman Investment's network from any host. These standards are designed to minimize the potential exposure to Richman Investment from damages which may result from unauthorized use of Richman Investment resources. Damages include the loss

Principles Of Information Security

953 words - 4 pages institution should develop an institution-wide customer information security policy that each business unit will have to follow. In order to comply with the policy, each business unit will have to develop procedures, business practices, and internal controls that address the policy requirements. Adding security process into your leadership team’s behaviors can also help the culture effort. Make sure executives are apprised of incidents on a regular

Cyber Security In Business

1513 words - 7 pages data security. The retailer spent $61 million through February 1st responding to the breach. It set up a customer response operation, and in an effort to regain lost trust, Steinhafel promised that consumers won’t have to pay any fraudulent charges stemming from the breach (Riley et al., 2014). A thorough review of the events that led up to the Target attack reveal what I feel was poor policy or the lack thereof, and the failure to align

Lab 3

252 words - 2 pages Lab 3 Assessment Questions & Answers 1. What two access controls can be set up for Windows Server 2003 folders and authentication? Authentication & Access Control 2. If you can browse a file on a Windows network share, but are not able to copy it or modify it, what type of access controls and permissions are probably configured? Security Policy 3. What is the Windows tool that allows you to administer granular policies and


2440 words - 10 pages significant Information Technology (IT) security vulnerabilities. AS products and services are at the forefront of the industry and the protection of such is very important as they are an industry leader. The vulnerabilities that will be discussed are the firewall configuration, virtualization of their hardware assets and defining security policy regarding the timeliness of firewall configuration and updates. Company Overview Aircraft Solutions


259 words - 2 pages necessary for the protection of a multilevel computer system; identifying the role of management and policy issues in computer security. This report/paper significantly expanded the scope of computer security to include the following: securing the data, limiting random and unauthorized access to said data, and involving personnel from multiple levels of the organization in matters pertaining to information security. 3. Consider the information

Similar Documents

Information Security Policy Essay

4226 words - 17 pages Axia College Material Appendix B Information Security Policy Student Name: Brice Washington Axia College IT/244 Intro to IT Security Instructor’s Name: Professor Smith Date: 11/7/2011 Table of Contents 1. Executive Summary 1 2. Introduction 1 3. Disaster Recovery Plan 1 3.1. Key elements of the Disaster Recovery Plan 1 3.2. Disaster Recovery Test Plan 1 4. Physical Security Policy

Security Policy & Standard, Task 2

1741 words - 7 pages medical research and the exchange of information of heath care professionals. Institutions rely on grants from OGG to meet this goal. The establishment of a secure environment for SHGTS to operate is paramount to success. Snapshot of security posture: No current ISMS policy is in place at this time. With the aid of the SHGTS risk assessment a review of the overall security posture and development of a comprehensive ISMS plan for HBWC and its

The Internet Essay

989 words - 4 pages data, it needs to put adequate security tools in place such as developing policies and procedures for staff to secure very sensitive information where the business is concern. An effective network security policy is the foundation of an adequate information security environment which protects the business’s confidential data such as its finances and staff salary. A network security policy is the basic document that defines the expectations

Ethical Issues Arising From The Intersection Of Law, Compliance & Investigations

417 words - 2 pages :// [4]. National Cyber Security Policy -2013. (2013). Retrieved from