Impact of a Data Classification Standard|
NT2580 Information Security|
Fernando Gomez Cabral|
In regards to the Internal Use Only data classification field, there are different IT infrastructure domains that can be affected. After researching I have decided that these are at the top of that list: the User Domain, the Workstation Domain, and the LAN Domain. I will identify each domains weaknesses individually.
The User Domain is the most important because the user can easily create a problem within the network, therefore can be considered the weakest link. The user domain defines the people who access an organizations network and IT infrastructure. In the user domain you will find an acceptable use policy, also known as an AUP. An AUP defines what a user can and cannot do within the organization. Some of the don’ts include but are not limited to malicious emails to and from other co-workers, breaking security policies by entering co-workers workstations, inappropriate web browsing that can lead to viruses, as well as uploading and downloading music, videos, and pictures off the internet. The user can also go as far as stealing important data from the company through USB flash drives, as well as inserting viruses the through these devices. It would be a good idea to monitor any problem or disgruntled employees and any strange activity on the network.
The Workstation Domain is of course where users connect to the company’s network. This can be through a desktop, company laptops, tablets, or any device that connects to the network. Employees should always remember to log off their workstations to avoid unauthorized use as well as not giving out their passwords to co-workers. A good idea is to enable the screen lockout when the desktop is idle. Also block or limit user rights to download, install software, and their access to certain files on the web. This can decrease the threat of viruses, malware,...