User Account

All Pages

Describe the need for information security

Assignment Help Computer Network Security
Reference no: EM13976531

Working with a scenario in which some basic background information is provided about a consulting firm. This scenario and information is typical in many companies today. You are tasked to select a company that you are familiar with that is facing a similar situation. The company can be real or fictitious, but the framework and problems that it faces should be similar.

The case study shows a company that is growing, and its security posture needs to be updated based on this growth. Based on the recent initial public offering (IPO), the company has new regulatory requirements that it must meet. To meet these requirements, a review of the current security must be conducted. This provides a chance to review the current security mechanisms and analyze the threats that the company could face. In addition, the company needs to expand its current network infrastructure to allow employees to work more efficiently, but in a secure environment. What problems does the company currently face, and how does the expansion pose new threats?

Choose and describe the company that you will use in the scenario. Describe the need for information security, what potential issues and issues risks exist, and what benefits the company can gain from the new project. Describe what new challenges exist with the new project to allow consultants to work on-site. What challenges now apply to the company with respect to the recent IPO? Make sure to include references. 

Project Outline and Requirements (Week 1) 

Organization Description

Real-Time Integration Systems is a publicly traded company based in San Jose, California that offers customized solutions to customers and clients. The main focus for Real-Time is the creation of solutions based on integrating the various systems that are used in the customers' offices so that they can have a single management interface for all systems and applications. Real-Time has 100 employees. About one third is internal company-based support, and two thirds of the employee base is consulting staff working on the customized solutions. The company recently underwent an IPO, and as such, now has additional regulatory requirements that it must meet. Talking with the company's chief information officer (CIO) and chief financial officer (CFO), they admit that the recent IPO has added additional pressures for their company. They now must meet additional regulatory requirements.

The consulting staff typically meets with the customer to gather the system requirements and then returns home to the Real-Time facilities to create the integration solutions. A major problem that the consultants face is network resources. The office spaces that are allocated to the consulting team offer cubicles with limited network access. The consultants need a more flexible solution for connecting to the Real-Time network. Real-Time wants to implement a secure solution that ensures the privacy of the communications and company data as well as giving the consultants the flexibility to connect to the network and move around and interact and conference with other consultants. 

Project Requirements

As Real-Time starts the project, the leaders realize that their current infrastructure is not as secure as they thought. The original information technology (IT) staff was well-meaning, but at the time of the start-up, they were not as security-conscious as companies are today. As a result, Real-Time wants to ensure the overall security of the existing infrastructure and to isolate the new development infrastructure as much as possible. To begin, the existing network architecture includes a demilitarized zone (DMZ) for the company Web site, file transfer protocol (FTP), and mail servers. The company Intranet is a flat network. All company resources and applications are on the same network with all staff desktops. All company systems are internal (meaning that they outsource no solutions). All systems and applications are housed in the San Jose corporate site in a converted conference room that is now a dedicated data center.

 

Real-Time does have a concern over the customer systems and data that are brought into the San Jose facility. The customer data and equipment need to be isolated from other customer environments. At no point in time can the data from one customer be stored in the same environment as a different customer. The CIO has made these requirements very clear to the staff. Customer data privacy and security needs to be a top priority.

 

Proper resources have been allocated for the project, and several key goals have been set:

  • Evaluate the regulatory requirements based on the Sarbanes-Oxley Act, and ensure that company security policies are sufficient to meet the requirements.
  • Evaluate the security risks in the current environment.
  • Evaluate the access control methods that are currently in use, and identify newly needed controls.
  • Evaluate the need for controls to better protect data both at rest and in motion.
  • Develop or redesign a secure network solution.

 

Introduction to Information Security (Week 1)

A review of the current infrastructure and security model is needed to ensure compliance with the new Sarbanes-Oxley regulations. Management wants to understand how the regulation impacts the information security posture of the Real-Time Integrations Systems environment. To do so, the following areas need to be better understood by the organization:

 

  • Describe the need for information security
  • The potential issues and risks that exist and what benefits they can gain from the new wireless fidelity (W-Fi) project
  • Describe what new challenges exist with the new project to allow consultants to work on-site
  • Describe the challenges that now apply to the company with the recent IPO taking place

The Need for Information Security

A review of the high level of information security should take place, and then a practical discussion about what it means for organizations like Real-Time Integration Systems needs to take place.

Potential Issues and Risks for Wi-Fi Environments

A review of the technical security needs to take place. The focus should be on the extension of a network through the use of wireless technologies.

Security Challenges of Allowing Consultants to Work On-Site

A review of the administrative security controls needs to take place. The focus should be on the policies and personal requirements that need to be implemented

A Review of the Sarbanes-Oxley Requirements

Sarbanes-Oxley will now affect Real-Time, and there needs to be a discussion about the specific provisions of the regulations that apply to the IT infrastructure.

Reference no: EM13976531

Questions Cloud

What is the net present value of the investment : An investment that requires $1,000 initial investment will return $600 at the end of first year and $650 at the end of second year. Assume the discount rate is continuously compounded at 8%. What is the Net Present Value of the investment?
Yield to maturity on a comparable-risk bond : The 9 year $1,000 par bonds of Vail Inc pay 8 percent interest. The market's required yield to maturity on a comparable -risk bond is 11 percent. The current market price for the bond is $910. (a) Determine the yield to maturity; (b) What is the valu..
What is your yield to maturity : Abner Corporation’s bond mature in 24 years and pay 9 percent interest annually. If you purchase the bonds for $925, what is your yield to maturity? Your yield to maturity on the Abner bonds is __%(Round to two decimals places)
The investment will produce cash flows : Your firm is considering an investment that will cost $920,000 today. The investment will produce cash flows of $450,000 in year 1, $270,000 in years 2 through 4 , and $200,000 in year 5. the discount rate that your firm uses for projects of this typ..
Describe the need for information security : Describe the need for information security, The potential issues and risks that exist and what benefits they can gain from the new wireless fidelity (W-Fi) project
Creating flow chart to develop new process or procedure : We tend to think of flow charting in terms of improving or documenting an existing process, but can a flowchart also be useful for new processes Why? How? I believe I saw an example or two earlier in the discussion this week. Can you think of other e..
What is the interest rate on the loan : Poor Dog, Inc. borrowed $135,000 from the bank today. They must repay this money over the next six years by making monthly payments of $2,215.10. What is the interest rate on the loan?
Determine relative risk for a heart : Organize the data in a table that will be used to determine relative risk (also called risk ratio) for a heart attack. Calculate the relative risk (RR) for a heart attack among those with hypertension as compared to those without hypertension.
Pay the loan off in equal monthly payments : You need to borrow $18,000 to buy a truck. The current loan rate is 9.9% compounded monthly and you want to pay the loan off in equal monthly payments over five years. What is the size of your monthly payment?

Reviews

Write a Review

Computer Network Security Questions & Answers

  Why do these economic measures help

How to make economic mechanisms that help improve information security and management?

  Sarbanes oxley act and gramm leach bliley act

Provide an overview that will be delivered to senior management of regulatory requirements the agency needs to be aware of, including: FISMA, Sarbanes-Oxley Act and Gramm-Leach-Bliley Act

  Create alternative message which has hash value

Generates the alternative message which has a hash value which collides with Bob's original hash value. Illustrate a message that Alice may have spoofed, and demonstrate that its hash value collides with Bob's original hash.

  Experiences with the social networking sites

Your experiences with the social networking sites like Craig list etc etc and Why do you think social networking sites are so popular? In other words, what is their stickiness?

  Ipsec provides security at the network layer

If IPSec provides security at the network layer, why is it that security mechanisms are still needed at layers above IP

  Department of homeland securitys mission

Interpret the Department of Homeland Security's mission, operations and responsibilities. Detail the Critical Infrastructure Protection (CIP) initiatives, what they protect, and the methods we use to protect our assets

  What is the cia triad

1.What is the CIA Triad, and how is it relevant in the context of systems software? 2.Explain the concept of Red vs. Blue as it pertains to software testing.

  Identify at least two criminology theories

Motive is one of the main themes that law enforcement must identify in order to prevent future crimes. Law enforcement utilizes the science of criminology to understand criminality and identify potential criminals.  1. Identify at least two criminol..

  Hacking occurred and the organization had the right plan

Security Computer forensics and hacking go hand in hand. Discuss in (Need 2 Reports with 2 pages each report = 4 Total Pages), two cases where hacking occurred and the organization had the right plan in place to combat the hack. Describe the proce..

  Data security or computer-network security

The second research report should include applications of the security theories, principles, and techniques of the subject.

  Use a two-stage transposition technique to encrypt

Use a two-stage transposition technique to encrypt the following message using the key "Decrypt". Ignore the comma and the period in the message

  What kind of malicious attack

In this assignment, you will research and select one well-known virus or a malicious code attack. Then, write a one-page essay explaining the following questions

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd