IS3230 Unit 3 Assignment 1 Chris Wigint

Satisfactory Essays
IS3230 Unit 3 Assignment 1
Chris Wiginton
ITT Technical Institute, Tampa FL
Instructor: David Marquez
7 April, 2014

The data classification policy is intended to provide a framework for classifying a company’s data based on its level of sensitivity. Data classification entails analyzing the data an organization retains, determining its importance and value, and then assigning it to a category. Data is classified to help determine baselines for security controls in that will be implemented to protect the data. Data classification policies apply to all company employees, their vendors and customers who has authorization to access the data. Anyone who has access to, is responsible for classifying, or is responsible for protecting data and is subject to being held accountable to adhering to the data classification policy. Data classification is the classification of data based on its level of sensitivity and impact to an organization. Impact is determined by how data is disclosed, altered or destroyed without appropriate authorization. How data is classified and the levels of sensitivity associated with it is generally determined by the organization but in some cases the classification is mandated by federal, state and local laws. Data classification levels are typically arranged from the most sensitive data being classified as restricted to unclassified or public data. The classification levels vary depending on the institution. Data is typically classified according to its type such as medical, financial or personal. Most organizations classify data to comply with their requirements of Confidentiality, Integrity and Availability (CIA). Data classification is the responsibility data stewards and their primary purpose is the protection of the confidentiality, integrity and availability of the data and the data classification reflects to level of impact to the organization if the confidentiality, integrity and availability is compromised.

You May Also Find These Documents Helpful

  • Powerful Essays

    IS3230 Unit 4 Assignment 1 Chris Wiginton ITT Technical Institute, Tampa FL Instructor: David Marquez 14 April, 2014 Access Control Plan INTRODUCTION This Dragon Net Solutions (DNS) Access Control and Account Management Plan details the access control and account management activities for Dragon Net Solutions. It facilitates compliance with the National Institute of Standards and Technology’s (NIST) Recommended Security Controls for Federal Information Systems (NIST 800-53) and the NIST Guide…

    • 1211 Words
    • 5 Pages
    Powerful Essays
  • Satisfactory Essays

    Segregation of Duties Matrix (System User-Rights and Permissions Department Jennifer Buster Bradley Lloyd LuEllen Robert Spare Sam Receiving RO RO RO RO RO F BP RO Shipping RO F RO RO F RO BP RO Sales F RO RO RO RO N BP RO Accounts Payable BP N RO N N N BP RO Jennifer’s full time position as Sales would need Sales access for her primary position. She should only have By Position access to Accounts Payable when she is working that position. She would need Read Only for Shipping and Receiving in order…

    • 252 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    The U.S. Federal and State compliance laws in regards to data protection affect all financial institutions in that non-compliance will result in fines and penalties. ABS Financial Solutions handles sensitive data for many credit unions and without regulations governing data security there would be no repercussions when private information is mishandled, lost or stolen. ABS understands their responsibility for protecting their client’s data and the threat of the retribution both federal and civil…

    • 407 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    IS3220 Unit 2 Assignment 1 Chris Wiginton ITT Technical Institute, Tampa FL Instructor: Sherman Moody 26 September, 2014 Corporation Tech will face many security risks with their current network. The user domain is the single most vulnerable part of any network and as such poses the most obvious security risk. To mitigate risks involving the users is to implement policies and training to educate the user on proper use and security best practices. By educating the user on security practices…

    • 612 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Dec 17, 2013 IS3120 Unit1 Unit 1 Assignment 1 The Johnson Company is a small business that provides networking components and services. They are in need of new methods of communication for reaching out to new customers, standing out from other businesses, meeting existing customer needs, and keeping customers informed of news and updates. The Johnson Company still uses analog phone lines and still takes customer orders by hand. Their only current method of advertising is an ad in the yellow…

    • 352 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Unit 10 Assignment 1 Tony Stark ITT Technical Institute Access Control IS3230 Katie Lech February 26, 2015 Unit 10 Assignment 1 In this scenario, the fitness club was hacked from an unknown source. The fitness club has contracted Malcom Testing Solutions to do penetration tests and find any vulnerabilities along with make some security changes to prevent this issue from happening again. The security policies need to be changed as far as account management. For starters, the security policies for…

    • 550 Words
    • 3 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Chris Wiginton 1/10/14 IS-3120 Unit 3 Assignment 3 Convergence of IP-Based Networks In the early days of the Internet, the only way to connect to the Web was by using a modem in conjunction with a dial-up connection. The modems, which stand for modulator-demodulator, were devices that converted analog signals into digital signals. Early modems operated at 1200 bps or bit/s per second to 2400 bps. Data transfer was slow and often unreliable. Today the Internet and the means to access the Internet…

    • 522 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Hollis IS3230 Unit 3 Lab3

    • 766 Words
    • 4 Pages

    Lab Assessment Questions and Answers 1. What is the Data Classification Standard used in the U.S. Department of Defense (DoD)/Military?Google “Data Classification Standard + DoD”. Summarize the different data classifications. Top Secret- The highest security level. Information is classified Top Secret if unauthorized disclosure would cause "exceptionally grave damage" to national security Secret- This is the second-highest classification. Information is classified Secret when its unauthorized…

    • 766 Words
    • 4 Pages
    Good Essays
  • Good Essays

    Unit 3 assignment 1

    • 479 Words
    • 2 Pages

    Purpose The purpose of this policy is to define standards for connecting to Richman Investments network from any host. These standards are designed to minimize the potential exposure to Richman Investments from damages which may result from unauthorized use of Richman Investments resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical Richman Investments internal systems, etc. Scope This policy applies to…

    • 479 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Unit 3 Assignment 1

    • 128 Words
    • 1 Page

    Baldeo Persaud NT 1330 Unit 3 Assignment 1 Business Related Questions: Do you have a DNS Server set up with your company? If so, what kind? What is the IPv4 address range? Will both companies be under one roof or two separate locations? Tasks that would need to be done: Set up a Domain that will let the two locations connect to the same information. Make sure both locations have same kind of DNS Server running. (If an older version is running on one: update and connect server to communicate with…

    • 128 Words
    • 1 Page
    Satisfactory Essays