It 244 Final

Only available on StudyMode
  • Download(s) : 175
  • Published : November 11, 2012
Open Document
Text Preview
Associate Level Material
Appendix B

Information Security Policy

Student Name:

University of Phoenix

IT/244 Intro to IT Security

Instructor’s Name:

Date:

Table of Contents

Table of Contents1

1. Executive Summary1

2. Introduction2

3. Disaster Recovery Plan4

4. Physical Security Policy7

5. Access Control Policy11

6. Network Security Policy14

7. References17

Executive Summary

Due in Week Nine: Write 3 to 4 paragraphs giving a bottom-line summary of the specific measureable goals and objectives of the security plan, which can be implemented to define optimal security architecture for the selected business scenario.

There is no such thing as complete security. Offensive security measures are always being devised to compromise the integrity of a network. Security precautions are constantly being developed in order to battle this constant onsalught of attacks. Any professional organization who cares about the security fo their system, is pretty much guaranteed to put some sort of physical or logical security measures in place.

Physical security measures are procautions that inckude things such as security cameras, guards, Id badges, or even a tridtional lock and key. These types of defense are designed to be preventative of external attakcs or infiltration. Logical Security systems include things such as user admin accounts, passwords, and principles like least privelage that prevent unecesary access all contribute to the prevention of external as weel as internal threats.

With the proper security measure in place, Sunica Entertainment Co. should be well on their way to ensuring the integrity of their network as well as increasing the eficciency of support and access. With the new servers, administrators will also be able to login to access information or perform maintenance from any Sunica branch. This improved control and security will only improve the health of this company.

Introduction

Due in Week One: Give an overview of the company and the security goals to be achieved.

1 Company overview

As relates to your selected scenario, give a brief 100- to 200-word overview of the company.

I decided to go with the Sunica Music and Movie Franchise. Sunica is a multimedia media chain with four different locations. The four stores lack the technology to synchronize their sales as well as their inventories. The four stores needs to implement a system that will collaborate the information from all four locations to one central database. This insufficient technology has cost Sunica unnecessary staffing as well as spending. By implementing a central web server, Sunica can ensure that all the locations will have access to information regarding inventory, accounting, or any up-to-date information the customer may want to know.

2 Security policy overview

Of the different types of security policies—program-level, program-framework, issue-specific, and system-specific—briefly cover which type is appropriate to your selected business scenario and why.

Sunica could actually benefit from implementing multiple policies such as program-framework and system-specific to ensure the company has a secure foundation. A system-specific policy would ensure that the administrators and the employees had specific policies to abide by.

3 Security policy goals

As applies to your selected scenario, explain how the confidentiality, integrity, and availability principles of information security will be addressed by the information security policy.

1 Confidentiality

Briefly explain how the policy will protect information.

Just like any effective system, there must be a hierarchy of rights and capabilities. In order to establish a truly secure VPN workspace, the company needs to create user-specific logon.

2 Integrity

Give a brief overview of how the policy will provide rules for...
tracking img