Impact of a Data Classification Standard
The “Internal Use Only” data classification here at Richman Investments will include the User Domain, the Work Station Domain, and the LAN domain. These domains are the most basic IT Infrastructure domains, and they will cover all the users and workstations in the company. The “Internal Use Only” classification will cover information such as the company telephone directory, new employee training materials, and internal policy manuals. The User Domain defines the people who have access to a company’s information system. This domain contains all of the user information and will enforce an Acceptable Use Policy (AUP) that will define what each user has permissions to do with any company data that they may have access to. This domain is also the weakest link in any company’s infrastructure. The Workstation Domain is where all the user information will be verified, and an account will be set up. They will need to have a user name and password that is assigned to them by the IT department, before they can access the systems, application or data. No personal devices or removable media will be allowed on the network, and all systems will undergo regular updates, and have anti-virus and anti-malware installed on each workstation for monitoring. There will also be an Access Control List (ACL) drawn up to define what access each individual will have on the network. The LAN domain includes all data closets and physical as well as logical elements of the LAN. This domain needs strong security, being that it is the entry and exit points to the wide area network, and makes private information easily accessible to anyone. Users will be screened and authorized by the IT department head and given a special access code. The biggest threat to the LAN domain is unauthorized access. This will be monitored closely to make sure all policies are being followed.
Please join StudyMode to read the full document