BCP
Revision 1.0
PRE-INCIDENT CHANGES
The following will be implemented to be help ensure the well-being of the company in the event of incident:
1. Backups of all data, images, production systems, configurations, customer data, sales data, finance data, HR data, legal data, management data, IT and InfoSec data will be maintained via standard procedure, and stored not only at the main office but in another data center within another region of the US, such as a hot site, to be available for use at any time.
2. A BCP Committee will be formed to audit and review the current BCP plan for any changes that may need to be made, with input from the security team, IT, sales, operations, upper management, finance, HR and legal teams. BCP
…show more content…
Any data on customer environments retrieved from vulnerability scanning and PCI scanning is deemed sensitive. Documents of logs and other troubleshooting data received to support is deemed sensitive, as well as routinely stored logs within log manager.
Development Data
Data belonging to development departments such as proposed projects, trade secrets, projects in route to be deployed, historic operations information, QA data and implementation data are deemed sensitive.
Sales and Marketing Data
Data with regard to prospective customers, contracts, marketing strategies, marketing metrics and transactions are deemed sensitive.
Employee Data
Data in regard to an employee’s tax records, personal data, employment contracts and training data, transactions, entry/exit records and browsing/working records are deemed sensitive data.
DATA PROTECTION DURING NORMAL BUSINESS
1. Encryption of all hard drives on all devices, including employee machines, servers, and all devices where possible, is required.
2. All network traffic throughout the company will be encrypted where possible.
3. All external contact into the local LAN must be done through VPN connection.
4. Strict adherence to the Access Request procedure must be exercised when IT gives any type of access to systems or data, including direct manager approval, business justification, standard role, justification for extra system or data access beyond standard role, and
- Decent Essays
Is3350 Unit 3
- 576 Words
- 3 Pages
As well as any high level procedures are unavailable to employees, therefore a senior employee will only have the respected clearance in order to deter any customer information from being tampered
- 576 Words
- 3 Pages
Decent Essays - Satisfactory Essays
Cyp 3.1 Communication Research
- 1028 Words
- 5 Pages
4.3 Describe situations where information normally considered to be confidential might need to be passed on.
- 1028 Words
- 5 Pages
Satisfactory Essays - Decent Essays
UNIT 203 Work in a Business Environment K
- 3069 Words
- 13 Pages
The legal requirement in relation to security and confidentiality are described by in the Data Protection Act 1998 and says that anyone who records information about individuals is classed as a data processor under the Act and is required by law to process the data fairly and lawfully. The Act prevents the unauthorised use of data and so protects the privacy of individuals. The Act also says never to disclose information that my organisation holds about individuals.
- 3069 Words
- 13 Pages
Decent Essays - Satisfactory Essays
Nt1330 Unit 3 Access Control Paper
- 220 Words
- 1 Pages
The Licensee has the following controls are in place to secure sensitive customer information. Access controls are in place to limit user access to sensitive customer information. Access to physical data is under lock and key with limited access to IT administrators. Doors are closed and locked when IT room is not occupied. All workstations require LDAP access via Microsoft Active Directory and Data backups are located off site and locally.
- 220 Words
- 1 Pages
Satisfactory Essays - Better Essays
IS3340-Unit 2-Assignment 2
- 1549 Words
- 7 Pages
iv. Users of remote workstations must comply with HIPAA Security Policy # 10 - Workstation Use)
- 1549 Words
- 7 Pages
Better Essays - Better Essays
JIT2 Risk Management Essay
- 2007 Words
- 9 Pages
For the task of creating a Business Continuity Plan (BCP), I will follow a logical and systematic formula for implementation, monitoring and reviewing the plan for United Health Group.
- 2007 Words
- 9 Pages
Better Essays - Better Essays
Employee Handbook Privacy Section
- 1397 Words
- 6 Pages
productivity, computers, systems, etc at all time, employees will ensure they are being proactive. In addition, employees will ensure they are not using any company assets for personal gain or knowledge because they are aware someone is monitoring them at all times.
- 1397 Words
- 6 Pages
Better Essays - Better Essays
FINAL Project IS3230
- 1658 Words
- 7 Pages
There are several dimensions by which data can be valued, including financial or business, regulatory, legal and privacy. A useful exercise to help determine the value of data, and to which risks it is vulnerable, is to create a data flow diagram. The diagram shows how data flows through your organization and beyond so you can see how it is created, amended, stored, accessed and used. Don't, however, just classify data based on the application that creates it, such as CRM or Accounts. This type of distinction may avoid many of the complexities of data classification, but it is too blunt an approach to achieve suitable levels of security and access.
- 1658 Words
- 7 Pages
Better Essays - Better Essays
The Rights Of Service Users When Accessing Services
- 3376 Words
- 14 Pages
Confidentiality is very important when in the workplace, in order for to maintain confidentiality there needs to be some set rules and regulations that all service users must adhere to. This includes putting passwords on computers/laptops that have confidential information on, information kept in files or filling cabinets should be locked away and secure, never leaving offices unlocked for long periods of time
- 3376 Words
- 14 Pages
Better Essays - Better Essays
HCPC Code Of Ethics In Biomedical Research
- 1680 Words
- 7 Pages
Confidentiality is a standard of professionalism that must be respected, unless the disclosure of information is permitted by law. The IBMS reinforces the importance of the ability to identify the personal limits of their professional knowledge and skills; tasks should not be performed by those who lack training, qualifications, or the relevant experience
- 1680 Words
- 7 Pages
Better Essays - Better Essays
The And Criminal Law For Misappropriation Of Personal Health Information ( Phi ) Essay
- 1644 Words
- 7 Pages
According to Gartee (2011), Privately Held Information is meant to be safeguarded, but there are times when the information in them is needed for varied purposes.
- 1644 Words
- 7 Pages
Better Essays - Decent Essays
Innovative Widgets Customer Service Plan
- 1059 Words
- 5 Pages
They are to be treated as confidential and kept secure as per Privacy Act 1998
- 1059 Words
- 5 Pages
Decent Essays - Decent Essays
Business Continuity Plan Essay
- 650 Words
- 3 Pages
DLIS has decided to develop a business continuity plan (BCP) with the full support of management.
- 650 Words
- 3 Pages
Decent Essays - Decent Essays
Healthy Body Wellness Center : Business Objectives Essay
- 1265 Words
- 6 Pages
Confidentiality means that data is concealed and can only be seen by the intended recipient.
- 1265 Words
- 6 Pages
Decent Essays - Better Essays
Examples Of Organizational Security Plan
- 1651 Words
- 7 Pages
University employees will take every measure to ensure confidential data is protected and accessed exclusively for job related responsibilities. Confidential data includes personal, financial and educational records for employees, students, alumni and friends of the university. This covers both paper and electronic records. Users must:
- 1651 Words
- 7 Pages
Better Essays