Sunteți pe pagina 1din 4

Associate Level Material

Appendix C

Introduction
Student Name: Michael Martin

UNIVERSITY IT/244 INTRO

OF

PHOENIX IT SECURITY

TO

Instructors Name: Ruma Aftab Date: July 1, 2012

Introduction

1. Introduction
Due in Week One: Give an overview of the company and the security goals to be achieved.

1.1.

Company overview

As relates to your selected scenario, give a brief 100- to 200-word overview of the company. The Bloom Design Group is a company that has been around for a long period of time. The company just recently discovered a few problems with security protocols of the company. It is not a big problem, but the company should set aside assets so they can address this issue, while incorporating a plan to fix this. A plan to fix the security issues can be very expensive and put the company in financial disarray. They should make sure that plan is going to be detrimental to companys improvement of its current security policy. The company needs to do an in-depth search to figure out what the current security is and how it was implemented, so they can quickly identify what their concerns with the current policy is. This will give them an idea of what the threats to their security is and what needs to be addressed.

1.2.

Security policy overview

Of the different types of security policiesprogram-level, programframework, Issue-specific, and system-specificbriefly cover which type is appropriate to your selected business scenario and why. With security every company wants to protect all of their information from unwanted intruders. Issues specific policy is ideal for this company since all employees have access to a customers information. Issues specific policy will ask the questions to whom, when, where, and how. This will only give permissions to those who solely need it and for what purpose they need access. In addition it will state the role and responsibilities of the person or persons that access will be granted to.

1.3.

Security policy goals

As applies to your selected scenario, explain how the confidentiality, integrity, and availability principles of information security will be addressed by the information security policy.

1.3.1. Confidentiality
Briefly explain how the policy will protect information.

IT/244 Intro to IT Security

Page 1

Introduction In confidentiality it ensures that the companys or the customers information will only be shared by the authorized persons or organizations. Persons with this access should only use the data to perform a certain task and should not seek personal gain.

1.3.2. Integrity
Give a brief overview of how the policy will provide rules for authentication and verification. Include a description of formal methods and system transactions. This means information cannot be changed or altered without detection while stored or transmitted. If changed the changes should be authorized.

1.3.3. Availability
Briefly describe how the policy will address system back-up and recovery, access control, and quality of service. The readiness of the system responsible for delivery, storing and processing of the information is available when needed by those who need it.

IT/244 Intro to IT Security

Page 2

Introduction

2. References
Cite all your references by adding the pertinent information to this section by following this example. American Psychological Association. (2001). Publication manual of the American Psychological Association (5th ed.). Washington, DC: Author.

IT/244 Intro to IT Security

Page 3

S-ar putea să vă placă și