Reference no: EM131213583
Application: Creating a Security Policy
You have just purchased a used car at a fantastic price. You are so excited that you decide to take an extended drive. Unfortunately, you experience a flat tire and discover that you do not have a spare. Now, your vehicle is disabled because you are missing a critical component. You are in a potentially bad situation.
One aspect of security policies that is often neglected is what assets staff members are permitted to use and how they may use those assets. Failure to address staff members in security policies might weaken an organization's legal position. An incomplete security policy, like a missing spare tire, may not be realized until an incident has occurred. Consequently, the organization could find itself in a potentially bad situation.
***
The U.S. Army has hired your firm, Token Tiger Consulting (TTC), to provide IT services to one of their new civilian contractors. Although the exact nature of this contractor is not known to TTC, the Army has indicated that this contractor will be gathering and storing "sensitive" data, and communicating with the Army via the Internet and communications security (COMSEC) equipment. Furthermore, some contractor staff travel often and are required to use their own personal devices for work.
The Colonel that hired TTC has asked you to begin drafting a security policy for the contractor. You decide to begin with the separation of duties (SoD), staff legal obligations (e.g., bring your own device [BYOD], social media, and acceptable use), and the COMSEC equipment.
For this Assignment, write a 4- to 5-page security policy that:
- Specifies SoD requirements for contractor staff who handle sensitive data
- Addresses the legal obligations that pertain to contractor staff
- Specifies procedures for COMSEC equipment
Required ResourcesReadings
- Coleman, K. (2008). Separation of duties and IT security. Retrieved fromhttps://www.csoonline.com/article/446017/separation-of-duties-and-it-security
This article details separation of duties (SoD) as a key concept of internal controls, and describes strategies for successful achievement.
- Gregg, J., Nam, M., Northcutt, S., & Pokladnik, M. (2012). Separation of duties in information technology. Retrieved from https://www.sans.edu/research/security-laboratory/article/it-separation-duties
This article discusses the necessity for classic security methods to manage conflict of interest, the appearance of conflict of interest, and fraud.
- Goodwin, J. (2011). Mobile devices spawn new B.Y.O.D. security policies. Retrieved fromhttps://www.gsnmagazine.com/node/25348
This article discusses the growing interest in B.Y.O.D. (Bring Your Own Device) and a variety of technical issues related to the security of the devices within the IT network system.
- Kim, K. (n.d.). Organizational level (O-Level) production divisions fundamentals. Retrieved fromhttps://www.google.com/url?q=https://www.amdo.org/114_production.doc&sa=U&ei=bD_8T_rUCoKi9QTY9MzTBg&ved=0CC0QFjAJOFA&usg=AFQjCNElFh2fbLq6wt-jEt7ST-sN_rRE1g
- Section .6, "Discuss the Security/Accountability Procedures for COMSEC Equipment [Ref. E]" (pp. 6-7)
This section describes procedures for COMSEC equipment.
- Simek, J. W., & Nelson, S. D. (2012). Essential law firm technologies and plans. Law Practice, 38(2). Retrieved fromhttps://www.americanbar.org/publications/law_practice_magazine/2012/march_april/hot-buttons.html
|
Add the termination detection algorithm
: For this exercise, extend the transaction manager so that the individual transactions can themselves be concurrent. Hint: add the termination detection algorithm of section 5.6.3.
|
|
Management estimates that the new bottling machine
: Caine Bottling Corporation is considering the purchase of a new bottling machine. The machine would cost $172,129 and has an estimated useful life of 8 years with zero salvage value. Management estimates that the new bottling machine will provide net..
|
|
Difference in a consultant vs a contractor
: Part I: Can one be productive working at home? Please describe in detail of whether or not your choice on this. Part II: What is the difference in a Consultant vs a Contractor? Please describe the differences.
|
|
Credit union finances auto loans for its members
: Lake Michigan Credit Union finances auto loans for its members. Each loan can be classified into one of four categories: paid in full, good standing, poor standing (with one or more missing payments), and delinquent (where the debt is sold to a colle..
|
|
Application-creating a security policy
: You have just purchased a used car at a fantastic price. You are so excited that you decide to take an extended drive. Unfortunately, you experience a flat tire and discover that you do not have a spare. Now, your vehicle is disabled because you a..
|
|
Report on strategy to source capture & exploit innovatation
: Write a report on topic "Strategy to source, capture and exploit innovation" in 500 Words.
|
|
How does this fit the definition of new media
: How does this fit the definition of new media. thoughts on type of work and how it is viewed, experienced and appreciated. how does this work compares to other contemporary works.
|
|
Advise fastwater ltd on the tax consequences
: ACC5TAX Assignment - Case Study: Fastwater. Advise Fastwater Ltd on the tax consequences in relation to the above expenses for the year ending 30 June 2017. applying legislation and case law to support and develop your arguments
|
|
Separation of duties
: Have you seen a movie where nuclear missiles were being test launched? If so, you might recall that two military officers followed a complex procedure to initiate the test launch. Each officer had half of what was needed to complete the procedure...
|