IS3230 Unit 2 Assignment 2 Chris Wigint
ITT Technical Institute, Tampa FL
Instructor: David Marquez
30 March, 2014
Global Limited is a global provider of infrastructure information systems, whose services cater to a wide range of industry sectors. One of Global Limited’s business objectives is information security for their clients. In order to provide their clients with information security, Global Limited has utilized a risk management approach to protect their client’s information.
From a security standpoint the step taken by Global Limited are sound and will maximize the security of their client’s information. The main weakness as such will remain at the user level. If the end users both internal and external are not security conscious and vigilant in their security awareness then there is a risk of a vulnerability being exploited.
The access controls Global Limited implemented using access tokens and PIN numbers for authentication provides a level of security to protect unauthorized access to data and systems. The additional use of the Data Loss Prevention (DLP) product to manage data across the network is integral to compliance of the CIA triad.
Global Limited’s approach of layered security from end- point to end user utilized several different methods of controls thus providing their clients with a single comprehensive strategy. Although there is no real way to have complete security against all threats, Global Limited has provided their clients with a secure solution without being so intrusive that the end users cannot do their jobs.
If a company or organization’s data and systems are not secure, be it from lack of proper controls or improper physical security, then they would be out of compliance with industry standards. According to the SOX act a company is supposed to have internal controls in place to prevent and detect unauthorized access of financial data.
Global’s risk management approach was a key factor in the success of their
References: Managed Network Security, IDS IPS Solutions Provider - Clone Systems, Inc. (n.d.). Retrieved March 30, 2014, from http://www.clone-systems.com/?gclid=CPCGzpWn1r0CFaVxOgodtEcAeQ Titan CMS content management systems. (n.d.). Retrieved March 30, 2014, from http://titancms.com/home.htm