User Account

All Pages

Discuss about the remote access solutions

Assignment Help Computer Networking
Reference no: EM132239229

Assignment: Requirements:

In this assignment, you play the role of chief information technology (IT) security officer for the Quality Medical Company (QMC). QMC is a publicly traded company operating in the pharmaceutical industry.

QMC is expanding its arena of work through an increase in the number of clients and products. The senior management of the company is highly concerned about complying with the multitude of legislative and regulatory laws and issues in place. The company has an internal compliance and risk management team to take care of all the compliance-related issues. The company needs to make important decisions about the bulk of resources they will need to meet the voluminous compliance requirements arising from the multidimensional challenge of expansion.

QMC will be required to conform to the following compliance issues:

• Public-company regulations, such as the Sarbanes-Oxley (SOX) Act

• Regulations affecting financial companies, companies that make loans and charge interest, such as the U.S. Securities and Exchange Commission (SEC) rules and Gramm-Leach-Bliley Act (GLBA)

• Regulations affecting healthcare privacy information, such as Health Insurance Portability and Accountability Act (HIPAA)

• Intellectual Property Law that is important for information asset protection particularly for organizations in the pharmaceutical and technology industry

• Regulations affecting the privacy of information, including personal identification information, such as personally identifiable information (PII) regularly collected from employees, customers, and end users

• Corporate governance policies including disclosures to the board of directors and the auditors and the policies related to human resources, governance, harassment, code of conduct, and ethics

Compliance with regulatory requirements implies encrypting sensitive data at rest (DAR) and allowing access to role-holders in the enterprise who require the access. It also implies that sensitive data in motion (DIM) or data that is being communicated via e-mail, instant message (IM), or even Web e-mail must be suitably protected and sent only to the individuals who have a right to view it. The company is conscious about the loss they may face in terms of penalty and brand damage if they fail to abide by the compliance laws, especially in the online information transfer phase. Therefore, as a dedicated employee, your task is to develop a content monitoring strategy using PKI as a potential solution. You will need to determine a process or method to identify multiple data types, processes, and organizational policies. Incorporate them into a plan, and select a PKI solution that will effectively address the content management needs of your company.

You need to present your PKI solution in the form of a professional report to the senior management.

Submission Requirements

• Format: Microsoft Word

• Font: Arial, 12-Point, Double-Space

• Citation Style: APA

• Length: 1-2 pages

Assignment 2: Remote Access Method Evaluation

Assignment Requirements

Discuss with your peers which of the two remote access solutions, virtual private networks (VPNs) or hypertext transport protocol secure (HTTPS), you will rate as the best. You need to make a choice between the two remote access solutions based on the following features:

• Identification, authentication, and authorization

• Cost, scalability, reliability, and interoperability

Case Assignment 3: Consider the organization where you work, or an organization where you would like to work if you are not currently employed.•Create a Policy that would benefit your organization•Suggest some controls for your policy•Suggest an audit mechanismUse the following Format for your policy:

Overview

You should put one or two sentences here that summarize the policy and its purpose for management. This is typically an explanation of why the policy exists. Don't be too technical.

Scope

This is where you define who or what the policy applies to, from all employees to only cashiers that handle cash in the front office. If it applies to equipment, it could be all equipment, all servers, all network connected equipment, or just company issued cell phones. Be specific.

Policy

This is where the policy is actually defined. Don't be too specific, leave that to the procedures and controls that support the policy.

For example, a password policy might state that users cannot share passwords, passwords must be complex, help desk personnel never request passwords, and passwords must rotate periodically. The details of good password construction can be then put in a guideline document, instructions for the help desk on reseting passwords can be a procedure, and that Group Policy is used to force password changes every 60 days is a technical control. None of that should be in the policy, but it all needs to be properly documented and communicated to the people that need it - the guidelines to all staff, the help desk procedure to help desk staff, and the technical controls to the domain admins.

If you are in doubt remember that good policy statements talk about what the policy is trying to accomplish, and are addressed to a wide audience. Procedures and controls talk about how it is to be accomplished and are addressed to the staff that must carry it out.

Compliance Measurement

Typically, this section includes the job title of the person responsible for overseeing its implementation or the department if multiple people are responsible, a reference to audit mechanisms, and the consequences for failure to abide by policy.

Definitions, Related Standards, and Policies

This section usually contains definitions of technical or ambiguous terms, cross-references to applicable regulations, and other policies that relate to this policy. Examples include union contracts, discipline policies, and implementation guidelines. In our password policy example, this where readers would be told to consult the password construction guideline document.

Exceptions

If there any circumstances that might allow temporary exception to the policy, such as during an emergency, define them here. If there is anyone with the authority to temporarily waive the policy, they should be identified by job title. This section is often omitted since many policies do not allow any exceptions.

• 3-5 pages in length.

• APA format.. citations, references etc.

Reference no: EM132239229

Questions Cloud

Paper on fine dining and quality service : Describe how the industry involves the guest in order to provide quality service - Summarize two service standards the industry uses to meet customer
Discuss problem related to exception handling : You decide to upload your recent project to a programming community website for feedback, and one thing that community users keep pointing to is the lack.
Describe in detail the different change management phases : BSP6064 Leadership Change Assignment - Describe in detail the different change management phases that should be adopted in sequence
Provide an example of an untamed scientific problems : Provide an example of an Untamed Scientific Problems. Offer a solution to address the problem. What challenges might your solution face?
Discuss about the remote access solutions : Discuss with your peers which of the two remote access solutions, virtual private networks (VPNs) or hypertext transport protocol secure (HTTPS).
How well does the video on the legislative section match up : How do the three branches of government, and outside forces, influence and interact on an important policy issue?
Give an example of each of the two strategies : Give an example of each of the two (2) strategies in current world politics and speculate on their effectiveness.
Propose how written and oral communication should be used : Assume you are a candidate for a director of communications for a major metropolitan county.
How well did you do on the test and what did you learn : One of the key topics we have been learning about is ensuring that all users are aware of security threats. Email phishing is a common threat that a user may.

Reviews

Write a Review

Computer Networking Questions & Answers

  Networking and types of networking

This assignment explains the networking features, different kinds of networks and also how they are arranged.

  National and Global economic environment and ICICI Bank

While working in an economy, it has a separate identity but cannot operate insolently.

  Ssh or openssh server services

Write about SSH or OpenSSH server services discussion questions

  Network simulation

Network simulation on Hierarchical Network Rerouting against wormhole attacks

  Small internet works

Prepare a network simulation

  Solidify the concepts of client/server computing

One-way to solidify the concepts of client/server computing and interprocess communication is to develop the requirements for a computer game which plays "Rock, Paper, Scissors" using these techniques.

  Identify the various costs associated with the deployment

Identify the various costs associated with the deployment, operation and maintenance of a mobile-access system. Identify the benefits to the various categories of user, arising from the addition of a mobile-access facility.

  Describe how the modern view of customer service

Describe how the greater reach of telecommunication networks today affects the security of resources which an organisation provides for its employees and customers.

  Technology in improving the relationship building process

Discuss the role of Technology in improving the relationship building process Do you think that the setting of a PR department may be helpful for the ISP provider? Why?

  Remote access networks and vpns

safekeeping posture of enterprise (venture) wired and wireless LANs (WLANs), steps listed in OWASP, Securing User Services, IPV4 ip address, IPV6 address format, V4 address, VPN, Deploying Voice over IP, Remote Management of Applications and Ser..

  Dns

problems of IPV, DNS server software, TCP SYN attack, Ping of Death, Land attack, Teardrop attack, Smurf attack, Fraggle attack

  Outline the difference between an intranet and an extranet

Outline the difference between an intranet and an extranet A programmer is trying to produce an applet with the display shown in Figure 1 below such that whenever one of the checkboxes is selected the label changes to indicate correctly what has..

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd