User Account

All Pages

Reply to science red clay renovations discussion

Assignment Help Science
Reference no: EM133196645

Assignment - Reply to Science Red Clay Renovations Discussion

Red Clay Renovations is an internationally recognized, awarding winning firm that specializes in the renovation and rehabilitation of residential buildings and dwellings. The company specializes in updating homes using "smart home" and "Internet of Things" technologies while maintaining period correct architectural characteristic.

With  all the recent cybersecurity attacks and considering the speed  technologies are evolving and the security risks related to the type of technologies  (IoT, smart devices) used by the company , it will be important to reconsider Some of Red clay's IT security practices. As a first step, a risk assessment was performed on Red Clay Renovation's IT systems and infrastructure; according to the findings it was recommended for the company to formalize the security measures required to protect information, information systems, and the information infrastructures for the company's headquarters and field offices. So this briefing paper will help propose a plan of action which will help develop system security plans including Security Control Classes and Security Control Families related to Red Clay risks.

When talking about system security plans for companies such as Red clay, we immediately touch bases with concepts such as Security Control Classes and Security Control Families. Security controls are safeguards or countermeasures to avoid, detect, counteract, or minimize security risks to physical property, information, computer systems, or other assets. According to recent studies, they are 3 well known classes of security control classes (Lord, 2018):

-Management controls: The security controls that focus on the management of risk and the management of information system security.

-Operational controls: The security controls that are primarily implemented and executed by people (as opposed to systems).

-Technical controls: The security controls that are primarily implemented and executed by the system through the system's hardware, software, or firmware.

All these 3 classes of controls are necessary for robust security. For example, a security policy implemented at the Wilmington, DE Offices (Red Clay's Headquarters) (Bring Your Own Device policy) is a management control, but its security requirements are implemented by people (operational controls) and systems (technical controls) within the company. Think of phishing attacks, Red Clay Renovation may have implemented   an acceptable use policy that specifies the conduct of users, including not visiting malicious websites. Security controls to help thwart phishing, besides the management control of the acceptable use policy itself, include operational controls, such as training employees and users from all the fields  not to fall for phishing scams, and technical controls that monitor emails and web site usage for signs of phishing activity (MDNDocs, 2019).

According to the NIST Special Publication SP 800-53, there is a total of 18 security control families. But on this paper, we will focus on the following security control families (NIST, 2013):

Planning (management control class): this control addresses the establishment of policy and procedures for the effective implementation of selected security controls and control enhancements in the PL family. This family contains subfamilies such as PL4 Rules of Behavior (Establishes and makes readily available to individuals requiring access to the information system, the rules that describe their responsibilities and expected behavior with regard to information and information system usage) and PL-8 information security architecture (addresses actions taken by organizations in the design and development of information systems).

Identification & Authentication (Technical control class): the information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users). This control applies to all accesses other than: (i) accesses that are explicitly identified and documented in AC-14; and (ii) accesses that occur through authorized use of group authenticators without individual authentication. This family contains subfamilies such as IA-3 device authentication and identification (Organizational devices requiring unique device-to-device identification and authentication may be defined by type, by device, or by a combination of type/device) and IA-7 cryptographic module authentication (The information system implements mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance for such authentication).

Incident Response (Operational control access): This control addresses the establishment of policy and procedures for the effective implementation of selected security controls and control enhancements in the IR family. Policy and procedures reflect applicable federal laws, Executive Orders, directives, regulations, policies, standards, and guidance. This family contains subfamilies such as IR-2 incidence response training (the organization provides incident response training to information system users consistent with assigned roles and responsibilities) and IR-3 incidence response testing (the organization employs automated mechanisms to more thoroughly and effectively test the incident response capability).

Reference no: EM133196645

Questions Cloud

How is the world understood differently in new institutional : How is the world understood differently in new institutionalist approaches compared to International or Global ones?
Critique post - selecting & implementing security controls : Critique post - Selecting & Implementing Security Controls Discussion - Security control classes define and shape the security planning for an organization
Natural history and physical characteristics of thylacine : Describe the natural history and unique physical characteristics of the thylacine. What it ate, where it lived, and what did it look like?
Identify unique problems or considerations : Identify unique problems or considerations that apply to pregnant women. Compare and contrast your pregnant women to the overall U.S. population.
Reply to science red clay renovations discussion : Reply to Science Red Clay Renovations Discussion - According to the NIST Special Publication SP 800-53, there is a total of 18 security control families
Argue - do rich people bear responsibility on climate change : Do rich people rather than rich countries bear the greatest responsibility for climate change? Argue on this statement.
How your understanding been affected by social sciences lens : How has your understanding been affected by the social sciences lens? How does the social sciences lens support the lens you previously used?
Reply to science cybersecurity loopholes discussion : Reply to Science Cybersecurity Loopholes Discussion - The purpose of this briefing is to address the results of a recent risk assessment analysis conducted
Prepare dissertation on emed- all about health : Prepare Dissertation on eMED- All About Health - Research Methods and Dissertation Preparation

Reviews

Write a Review

Science Questions & Answers

  Journal of pharmaceutical sciences

This journal is a scientific publication of Indian Pharmaceutical Association and highlights various bright points of it.

  Optical fibres

This document discuss about the main attributes and characteristics of optical fibres.

  Micro organisms

This project report reveals the fact and proves a specific objective mentioned to be studied upon.

  Describing histology of an organ

The discussion of the technique should include a literature review on the evolution of the technique.

  Interpret the sensitivity of mammography

Calculate and interpret the sensitivity of mammography. Diagnostic test with Sensitivity 50%, Specificity 50% and prevalence 50%. Crude mortality rate. Damage caused by motor vehicle accidents.

  Discuss the role that science plays in your daily life

Role that science plays in your daily life and Integrity, Intensity, Innovation, and involvement in scientific field

  Prepare a flexible budget gator divers

Prepare a Flexible Budget Gator Divers is a company that provides diving services such as underwater ship repairs to clients in the Tampa Bay area.

  Neurological disorders

Designing a neuroprosthesis for the neurological disorders

  Complexity of cell surfaces

Lipid rafts provide another example of the complexity of cell surfaces in both their structural character and biologic functionality. Please explain the nature of these structures and their functionality.

  Exploratory activity on bird beaks

Describe how natural selection and evolution are demonstrated by this activity

  Spatial and temporal variation of heat content in the upper

In this study the temporal and spatial variation of heat content in the upper 70m layer of the Arabian Sea was for a period of 1991 to 2008 have been attempted.

  Earthquake databases

Earthquake Databases

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +91-977-207-8620

Phone: +91-977-207-8620

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd