Security Policy for a Small House or Business

Only available on StudyMode
  • Download(s) : 136
  • Published : April 3, 2012
Open Document
Text Preview

Security Policy for a Small Home or Business
Russell J. Normandin
Kaplan University
Professor Kenneth Flick
March 12th, 2012


This paper is written to understand the basic premise of a Security Plan. Some of the topics that are discussed speak about the vulnerabilities of a network and how a network can be attacked if not properly defended. The Acme security plan has been discussed and topics have been identified in order to help secure the network.

Security Policy Outline Example

The following Security Policy Outline is an example given from the school to be screened and updated in order to fit a small business or home. Introduction- Definitely needed, this part should highlight the Security Policy. Purpose- The Purpose should state the reason for the Security policy. Remove

Roles and Responsibilities- One of the most important pieces to this document. Everyone’s Roles and Responsibilities should be identified to include the users. Security Enforcement- Should identify everyone’s responsibility to enforce network security. Security Incident Response- Identify what will occur once there has been a security violation or mishap. - Remove

Applications Used- Understanding the applications that are going to be used is very important! When an engineer is designing a network he or she must know if there are special needs for the business such as File Transfer Protocol (FTP) or Remote Login while an employee is on the road. Email, web, DNS, DHCP, File and print sharing

Special applications listed
Technical Security- One can say the security requirement for a small business may be non-existent be I believe it may be extremely important. If a small business falls victim to industrial espionage they may become irrelevant which could lead to instability and eventually going out of business. Security requirements

Security architecture
Security infrastructure
Encryption requirements
Configuration management
Identification of Sensitive Information- If the business is running the basic network with an exchange server than the standard user name and password login should be sufficed. The need for advanced PKI and certificates along with hashing algorithms is not needed for a standard small business. Authentication requirements

Access requirements- The server room and Main Distribution Frame should have limited access to the network technicians. - Remove
- Remove
- Remove
Data Backup and Recovery Plan- There is always a need for data backup! Using a SharePoint site, mass Hard Drive Storage or even personal Hard Drives is a plan to save data. Sadly, most people do not think about it until all their information is gone. Appendices- There should be examples of information, acronyms, documents and places to look for information/help identified in the Appendices Section.

Security Policy for a Small Home or Business

As a business decides to create a small network for their organization there are many factors that must be identified in order successfully complete the project. The following is a list of the ten most important items needed to support this business function. 1. Computers- The proper computers need to be identified for the business. Is there a need for laptops that will be used on the road? Should the business purchase the devices or should they sign a lease with a company that will conduct computer refresh for the business? a. Threats- (Theft and Attacks) Computers are extremely susceptible to attacks! This can come unknowingly to the user and can be injected by USB’s, External Hard Drives, IPod’s, E-Readers etc. b. Threat Mitigation- Desk locks, Door Locks and Password/User Name 2. Monitors- What is the need for monitors? Does the user’s space demand the need for a LCD screened monitor? Is there a need for projection systems in a meeting room that would need television screens? c. Threats- (Theft and Vandals)

d. Threat...
tracking img