Unit 3 Assignment 1: Remote Access Control Policy Definition

Good Essays
Topics: Access control
Richman Investments has decided to expand their business. We have been given their new growth projections of 10,000 employees in 20 countries, with 5,000 located within the U.S. Richman has also established eight branch offices located throughout the U.S. and has designated Phoenix, AZ being the main headquarters. With this scenario, I intend to design a remote access control policy for all systems, applications and data access within Richman Investments. With so many different modes of Access Control to choose from it is my assessment that by choosing only one model would not be appropriate for Richman Investments. My recommendation would be a combination of multiple Access Control Models that overlap to provide maximum coverage and overall security. Here are my suggestions for access controls. Role Based Access Control or RBAC, this will work well with the Non-Discretionary Access Control model, which will be detailed in the next paragraph. RBAC is defined as setting permissions or granting access to a group of people with the same job roles or responsibilities . With many different locations along with many different users it is important to identify the different users and different workstations within this network. Every effort should be dedicated towards preventing user to access information they should not have access to.
Non-Discretionary Access Control is defined as controls that are monitored by a security administrator. While RBAC identifies those with permissions, it is a security administrator that should further identify the level of access to each Role that is created. The security administrator should also designate certain users or workstations access to the information available within the network. Rule Based Access Control can also be linked to the first two models detailed in the paper (RBAC and Non-Discretionary), and is similar to RBAC. Rule Based Access Control is a set of rules to determine which users have access to



References: Kim, D., & Solomon, M. G. (2012). Fundamentals of Information Systems SecuritY. Sudbury: Jones & Bartlett Learning.

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Remote Access Control Policy: Richman Corporation Authorization Rules: Controls will be configured to ensure access is approved for only company/corporate employees. These controls will be set up based off of the position (job roles) of the employees to ensure they can only access what is required to allow them to perform their duties. The policy will include group membership policies as well as authority-level policies. The employee access will be assigned to the appropriate groups and authority-…

    • 328 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    VPN access control model for a large scale company. * This policy will support remote access control for systems, applications, and data access. Remote access Defined Remote access for employees is deployed by using remote access VPN connections across the Internet based on the settings configured for the VPN Server, and the following additional settings. The following diagram shows the VPN server that provides remote access VPN connections. Domain/Network Config: For each employee…

    • 297 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Chris Stewart 4/6/2014 NT2580 Mon AM Policy General 1. It is the responsibility of Richman Investments employees, third party contractors, vendors and agents with remote access privileges to Richman Investments' networks to ensure that their remote access connection is given the same consideration as the user's on-site connection to the company. 2. General access to the Internet for recreational use by employees is discouraged through the Richman Investments Network. Employees of Richman…

    • 254 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    your needs and circumstances and have designed a remote access control policy that will work for you and your company. This is a multi-layered security system that consists of the user’s domain. The user is the first and the weakest link in any system. The security is only as strong as the user’s ability to understand what can go wrong. We can implement a training program session for security awareness. Another security measure is to implement a policy to stop employees from bringing in CD’S, DVD’S…

    • 775 Words
    • 4 Pages
    Better Essays
  • Good Essays

    remote access policy

    • 464 Words
    • 2 Pages

    Remote access policy Purpose The purpose of this policy will provide the standards for connecting to any DoD networks from any host. These standards are created and designed to minimize any potential exposure to DoD network (s) from damage which may result from unauthorized user or access of DoD networks. Damages include loss of confidential or sensitive data, intellectual data, and damage to critical DoD internal systems. Scope This policy will apply to all DoD employees, contractors, vendors…

    • 464 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Remote Access Control Policy for Richman Investments Authorization- Richman Investments must define rules as to who has access to which computer and network resources. My suggestion is that RI implements either a group membership policy or an authority-level policy to achieve this. Group policy would allow the administrator to assign different privileges to different groups. The admin would then assign different individual users to those different groups. So the users permissions would depend…

    • 302 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Access Control Policy

    • 703 Words
    • 3 Pages

    Material Appendix F Access Control Policy Student Name: University of Phoenix IT/244 Intro to IT Security Instructor’s Name: Date: December 9, 2012 Access Control Policy Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems 1 Authentication Describe how and why authentication credentials are used to identify and control access to files, screens, and systems. Include…

    • 703 Words
    • 3 Pages
    Good Essays
  • Powerful Essays

    Remote Access

    • 1553 Words
    • 7 Pages

    Remote Access Remote access • refers to the ability to access a computer, such as a home computer or an office network computer, from a remote location. • Remote access can be set up using a local area network (LAN), wide area network (WAN) or even a virtual private network (VPN) so that resources and systems can be accessed remotely. • To establish a remote connection, both the local machine and the remote computer/server must have remote-access software. Alternatively, there are service providers…

    • 1553 Words
    • 7 Pages
    Powerful Essays
  • Powerful Essays

    Access Control Policy

    • 833 Words
    • 3 Pages

    Associate Level Material Appendix F Access Control Policy Student Name: Casey DeCesare University of Phoenix IT/244 Intro to IT Security Instructor’s Name: Scott Sabo Date: 5/27/2014 1. Access Control Policy Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems 1.1. Authentication Describe how and why authentication credentials are used to identify and control access to files, screens, and systems. Include…

    • 833 Words
    • 3 Pages
    Powerful Essays
  • Good Essays

    Remote Access Policy 1. Overview See Purpose. 2. Purpose The purpose of this policy is to define standards for connecting to Corona District High School's network from any host. These standards are designed to minimize the potential exposure to Corona District High School from damages which may result from unauthorized use of Corona District High School resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical…

    • 848 Words
    • 4 Pages
    Good Essays