User Account

All Pages

Describe how services are related to cloud computing

Assignment Help Management Information Sys
Reference no: EM131148661

Week 1: Submit Data and Applications Security Impact Analysis and Mitigation Report shell for approval.

Use Word
Title page
Course number and name
Project name
Student name
Date
Table of contents (TOC)
Use an autogenerated TOC.
Use separate pages.
It should be a maximum of 3 levels deep.

Update the fields of the TOC so that it is up-to-date before submitting your project.

Section headings (create each heading on a new page with "TBD" as the content, except for sections listed under "New content" below)
Project Outline and Requirements
Project Life Cycle Security Measures
Security Vulnerability Assessment
Virtualization Security Impact
Cloud Computing Security
Risk Mitigation Strategies for Applications and Databases
New content (to be completed in this Week 1 delivery)

JCI has hired you, a consultant, to assist them with a comprehensive look at their database and application security environment. After an initial meeting with the president and chief information officer (CIO), it was determined that your first deliverable will be twofold. First, you will identify the types of information and data processed by the company, and second, you will look at project life cycles for systems within the company and outline what security measures should be taken at each phase.

Key Assignment Overview

Throughout this course, you will work on several aspects of data and application security that will result in a Data and Applications Security Impact Analysis and Mitigation Report for a company of your choosing. This course is comprised of a series of Individual Project assignments that will contribute to a Key Assignment submission at the end of the course. Each week, you will complete a part of a Data and Applications Security Impact Analysis and Mitigation Report. You will select an organization (real or fictitious), and apply your research to the development of the Data and Applications Security Impact Analysis and Mitigation Report that would be appropriate for implementation within the organization. The goal of this course project is to develop the policies and procedures that are necessary for the data and application security in an enterprise.

Organization and Project Selection

The first step will be to select an organization as the target for your Data and Applications Security Impact Analysis and Mitigation Report. This organization can be real or hypothetical, and it will be used as the basis for each of the assignments throughout the course. It should conform to the following guidelines:

Sensitivity: The selected organization should be large, and it should contain sensitive data requiring the implementation of security measures.
Familiarity: You should be familiar enough with the organization and typical security needs without significant time required for security research and education.

Accessibility: You should have good access to security officers and management or incident response personnel in the organization because these resources will provide direction as they progress throughout the development of the report.

Note: The selected organization may already have a security plan in place and a well-functioning project life cycle to be used as the basis for the project in this course.

Select an organization that fits these requirements, and submit your proposal to your instructor before proceeding further with the assignments in the course. Approval should be sought within the first several days of the course. Your instructor will tell you how to submit this proposal and what notification will be given for project approval.

Assignment Details

For the assignments in this course, you will develop a comprehensive Data and Applications Security Impact Analysis and Mitigation Report structure where you must identify the security measures to be taken at the planning, requirements, design, development, integration and testing, and installation and acceptance phases of the project life cycle.

Task 1

Create the shell document for the final project deliverable that you will be working on throughout the course. As you proceed through each assignment, you will add content to each section of the final document to gradually complete the final project delivery. Appropriate research should be conducted to support the analysis in your plan, and assumptions may be made when necessary.

The overall Data and Applications Security Impact Analysis and Mitigation Report project will consist of the following deliverables:

Week 1: Project Outline and Requirements

Give a brief description of the company (can be hypothetical) where the Data and Applications Security Impact Analysis and Mitigation Report will be implemented. Include the types of information and data that are processed by the company, the company size, location(s), and other pertinent information.

Week 1: Project Life Cycle Security Measures

Give a summary of the security measures to be taken at the planning, requirements, design, development, integration and testing, and installation and acceptance phases of the project life cycle to include the following:

Planning phase: Identify what work products the team will have that will change, or are likely to change, and the functional relationships between those products.

Requirements phase: Identify the requirements and the functional software verifying the identity of a user. Provide any requirements that are applicable to your cryptographic module. FIPS PBU140-2 Security Requirements for Cryptographic Modules can be used as a guideline.

Design phase: Describe how the design team ensures that the software component has trusted modules.

Development phase: Describe how developers will ensure that the application being developed for the cryptographic algorithm will be secure and protective of sensitive data.

Integration and test phase: Identify what will be tested during this phase and the general integration and test procedures that will be used.

Installation and acceptance phase: Identify the purpose of the installation and acceptance phase for both the user and the organizatio

Week 2: Security Vulnerability Assessment

For the development phase of the life cycle, identify software vulnerabilities, associated poor programming practices, and the overall impact that they have on security with your selected organization.

Identify best practices for fixing vulnerabilities and insecure interactions as introduced by poor coding.

Provide a conclusion to summarize the importance of correcting the current vulnerabilities and programming practices.

Week 3: Virtualization Security Impact

Provide an impact analysis that identifies the impact of moving an organization's applications and databases to virtualization. Identify how
this move impacts network security.

Include the services being implemented in the virtualization solution.

Include the strategies needed to mitigate security vulnerabilities that are associated with the organizational virtualization effort (e.g., current virtualization security vulnerability and security risks related to hypervisor security, host or platform security, and securing communications).

Include the configuration management policies and practices that are applicable to the virtualization security implementation.

Week 4: Cloud Computing Security

Identification of security risks to be addressed in the cloud computing environment:

Operating system and other infrastructure complexity

Unauthorized user access

Increased administrator roles

Legal compliance

Issues related to programmer service mapping to the cloud

Accesses to services moved to the cloud

Describe the application that is being released into the cloud computing environment and how this affects security from a standpoint of network communications, system configuration, security controls, and user responsibilities.

Describe the migration of corporate resources to various types of clouds, such as the private, public, hybrid, and community clouds, and the associated deployment model.

Describe how services are related to cloud computing (e.g., software, platforms, and infrastructure services).

Describe how organizations are placing controls and access policies on their data to control accesses to data and their locations on servers and off-site data locations.

Week 5: Risk Mitigation Strategies for Applications and Databases

Risk Management of Software from a Business Perspective

Creates a basis for understanding what software risks are critical; current business goals, operational, and technical priorities; circumstances of taking certain business actions must be identified and understood

Business and Technical Risk

Identification of what risks financially affect which organizational goals; reputation, liability concerns, and increased development cost; business and software risks must be quantified

Risk Prioritization

Determines which business goals are critical or important and which technical risks may affect business operations

Risk Mitigation Strategy

Strategy takes into account time, resources, likelihood of operational success, and overall impact; involves metrics and validation procedures to ensure the risks are mitigated

Repair Problems With Architecture, Requirements, and Design

Involves the study of open risks, evaluating quality metrics, and judging progress against any existing riskst.

Reference no: EM131148661

Questions Cloud

How accrual accounting differs from cash basis accounting : Explain how accrual accounting differs from cash-basis accounting; - adjust the account:- An accountant made the following adjustments at December 31, the end of the accounting period:
Who is the intended audience of each article : Who is the intended audience of each article? What is the purpose or perspective of each of the articles? What are the common themes in the articles?
What is the average utilization of 10 toilets : What is the average utilization of 10 toilets?-  What is the expected time a customer will have to wait? - How long will the average toilet be empty during a 5-­-hour concert?
Design and implement the class day : Design and implement the class Day that implements the day of the week in a program. The class Day should store the day, such as Sun for Sunday
Describe how services are related to cloud computing : Describe the migration of corporate resources to various types of clouds, such as the private, public, hybrid, and community clouds, and the associated deployment model. Describe how services are related to cloud computing (e.g., software, platform..
The characteristics of an effective accounting teacher : Explain in detail the purpose of a scheme of work for Accounting as a school subject.- Critically discuss the purpose of an effective instructional objective when preparing an Accounting less
What do you think the advantages of method overloading : What side are you on? What do you think the advantages of method overloading are? How would you use method overloading when writing a program? Critique or defend your classmates' positions
Discuss issues by examining the relevant element of contract : Advise Jim if there is an enforceable contract and will Francis be successful? Discuss the issues by examining the relevant elements of contract.
Write a script that inputs three integers : Write a script that inputs three integers from the user and displays the sum, average, product, smallest and largest of the numbers in an alert dialog2

Reviews

Write a Review

Management Information Sys Questions & Answers

  Proactive vs reactive organizationshow can you break the

proactive vs reactive organizationshow can you break the mold and move an organization to a more proactive approach

  How are mobile devices changing the way it systems

How are mobile devices changing the way IT systems

  Calculate the total cost of outsourcing the online help desk

Calculate the total cost of outsourcing the online help desk versus staying with the current solution. Which option is cheaper? What other factors, other than costs, should Pagoda consider? How would you weigh these factors? Given the above, how mig..

  Develop intellectual property infringement ramifications

Develop intellectual property violation reporting procedures. Develop intellectual property infringement ramifications. Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality reso..

  Describe the application architecture and process design

Include a high-level description of the security controls that you recommend for the design of this HR system. Apply the tools of systems analysis to describe the information system's architecture in terms of data, processes, interfaces, and netwo..

  Why information systems today are currently effective

In a one to two page paper describe why information systems today are currently effective or ineffective in assisting with problem resolution in an organization.

  Create a presentation about the components of the system

Create a presentation in Microsoft PowerPoint that will present information about the components of the system that you recommend as well as the cost data to the company executives.

  Important goals and considerations of information security

Why are information security and privacy important considerations in the design, development, and maintenance of HRIS. What are the important goals and considerations of information security

  Systems planning development implementation what are

systems planning development implementation what are different types of designs?system design includes determining the

  Write a report on social media and erp system

write a report on Social Media and ERP System

  Description of the project and its value to the organization

Prepare a project charter as a 9-slide Microsoft PowerPoint presentation, not including the title or reference slide. Your charter must include the following elements: The project stakeholders and A description of the project and its value to the o..

  Utilization of information technology in churches in the

utilization of information technology in churches in the u.s1. i need help with 2 pages overview of how churches in the

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd