How a company-wide policy program could help the situation

Assignment Help Computer Network Security
Reference no: EM13649338

Peak View Sound Sources is a public company based in Denver, Colorado and is focused on providing digital media and Web sites to music companies and musicians through the Mountain and West Coast regions. The company has a solid reputation and is starting to get some national and worldwide attention, with new prospective companies wanting to take advantage of the quality services they have see on other existing Web sites.

Your company has been hired to assist Peak View Sound Sources (PVSS) to ascertain the security posture of the company's Information Systems resources and services. You are heading the team of auditors tasked to perform the audit and assessment.

You enter the company offices of PVSS and begin your analysis of the environment and situation.

Initial analysis has allowed you to determine that the company is made up of the following divisions:

• Corporate Management and Support Staff: This organization contains the executive management, human resources, and accounting teams. All company decisions are directed from the management team.

• Information Technology: This team manages the networks, servers, Web sites, and desktop environments for the company. The team has a perception of being difficult to work with, as they are slow to adopt new technology and slow to implement new offerings. The reality is that the team has resources and wants to uptake the newest and greatest technology, but they spend most of their time putting out fires and reacting to issues.

• Media Content and Design: This team is in charge of working with the record companies and musicians to create the Web Sites and implement the product offerings that are sold.

• Sales and Marketing: This team works with the musicians and record companies to offer and sell the services of PVSS.

There is a concern about the security of the infrastructure with respect to the ability to protect the copyrighted material that PVSS is given to host, because a single incident several years ago took place in which an entire new CD was released prematurely via the Internet. Although PVSS was not directly linked to the leak, there are suspicions surrounding PVSS.
Assignment Deliverables

As you continue your analysis, you see that the Information Technology (IT) department has developed several guidelines and procedures about how various systems should be considered and set up, but this is internal only to the IT department. Every time a new machine is set up and deployed, within a month, the configuration is changed.

• Explain why you think the use of these guidelines and procedures is not sufficient and may not solve the problem. Consider how a company-wide policy program could help the situation.

• As you begin to prepare your game plan to conduct an Information Security Audit, talk about why you think this current situation makes it difficult to identify the controls that need to be examined.

• If you were performing this security audit, with which regulations would you want to ensure that PVSS complies? Why?

Reference no: EM13649338

Role of ethics in developing the certification package

Description of the role of ethics in developing the certification package and Description of how to represent the required documentation and requirements in the certification

What is data mining and why is it considered controversial

What exactly is "cyber ethics" How is it different from and similar to computer ethics information ethics and Internet ethics and Identify and describe some key aspects of

Conduct an internet search of cyber crimes

Conduct an Internet search of cyber crimes. Find a cyber crime, a crime where a computer is used to commit a majority of the crime that has occurred in the last three months

Describing use of kerberos for mutual authentication

Answer the following in relation to a scenario where Bob and Alice use Kerberos for mutual authentication. When Bob receives a ticket from Alice, how does he know it is genuin

Differences between symmetric and asymmetric encryption

Describe the differences between symmetric and asymmetric encryption. Select the encryption method you believe is typically more reliable of the two and explain why. Determi

What information items are included in this ticket

When the Server receives the authenticator and the ticket from the client. The server will compare the information items contained in the authenticator and the ticket to aut

What security model would you select

What Security Model would you select when create an Enterprise Architecture? You may include a particular security situation that would justify the Security of Model of choi

Compare two-tier client-server system configuration

Compare 2-tier and 3-tier client/server system configurations and analyze how they are different. Based on your comparison, suggest the real life scenarios which are suitabl

Reviews

Write a Review

 
Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd