+1-415-670-9189
info@expertsmind.com
Prepare a security standard document
Course:- Computer Network Security
Reference No.:- EM131210512




Assignment Help
Expertsmind Rated 4.9 / 5 based on 47215 reviews.
Review Site
Assignment Help >> Computer Network Security

Yummy Good Treats has a number of traveling salespeople who cover territories throughout the Midwest. These employees use laptops with wireless Internet connections and mobile phones to communicate with the home office. They use these devices to retrieve confidential price lists and inventory information from headquarters. The salespeople need access to the information while they're on the road. They also prepare customized quotes for each client and forward them to the home office for review prior to e-mailing or hand delivering them to the potential client. The company provides access through a Virtual Private Network (VPN). All employees are required to use the VPN when accessing company systems and data remotely.

You were given the task to help draft an information security standard. The organization is especially concerned about the need for maintaining the confidentiality of their pricing information (both on the price list and in quotes prepared for individual clients). You have been tasked with the responsibility of developing the first draft of a security standard document that governs the use of wireless devices and technology by the traveling salespeople.

Your supervisor has explained to you that she recognizes that organizations usually develop individual wireless device standards and confidentiality standards but stressed the importance of including all of this information in a single document. She also reminded you that the majority of the sales force is not technically proficient and they are not likely to read a document that exceeds three pages in length.

Using the slides and the NIST SP 800-46 as references, prepare a security standard document that meets the requirements of Yummy Good Treats in a clear, concise manner. While writing the document, keep in mind the business needs of the organization and the target audience for your writing.

Remember, the NIST SP is far to lengthy for our purposes, but it has some good information in it. Your standard should include the following sections:

- Statement of Standard
o Scope and applicability
o Definition of technology
o Responsibilities

- Authorized Access and Use of Equipment and Resources
o User access
o Appropriate use of systems and data
o Protection and privacy

- Prohibited Use of Equipment and Resources
o Disruptive use or misuse
o Criminal use
o Offensive or harassing materials
o Copyrighted, licensed, or intellectual property
o Other restrictions

- Systems Management
o Management of stored materials
o Employer monitoring
o Malware protection
o Physical security
o Encryption

- Violation of Policy
o Procedures for reporting violations
o Penalties for violations




Put your comment
 
Minimize


Ask Question & Get Answers from Experts
Browse some more (Computer Network Security) Materials
Examine the fundamental differences and similarities between asymmetric and symmetric encryption. Recommend one (1) application for which each encryption method is best suit
Select and summarise an article from the University of Liverpool online library that addresses trust computation in computer systems. Analyse how trust is used in controlling
Discuss tools and techniques for removing Malware using the text Internet, and/or your job as reference for full credit. Discuss best practices for Microsoft Windows Group Po
Present a brief summary of the arguments for and against outsourcing computer security for your company. Select two firms that offer computer security outsourcing services, a
A first step to developing an enterprise security plan is to identify the specific vulnerabilities and related risks facing an organization. This list should be fairly exhau
What steps would you advise to prevent such attacks? What limitations does this form of attack have - explain why the flag has been set and what it means for TCP connection.
On the Stock Investments worksheet, pull in the current stock prices from finance.google.com.On the right side of the page, you will find the World markets section. Select t
You have been asked to install an SVN repository on a server. The SVN will be remotely accessed using the svnserve daemon that is supplied with SVN (please note that this is