Information Resource Security Policy for the ABCD University
STUDENT NAME:Awale Mohamed STUDENT ID:27528
3/27/2015
Table of Contents
Introduction 2
Findings and Analysis 4
Situation 4
Problem 5
Solution 6
Evaluation and Analysis 7
Conclusions 9
Recommendations 10
References 12
Introduction
The objective of this assignment is to develop security policy for information resources of the ABCD University with major emphasis on compliance with the current laws and regulations, integrity and confidentiality of information, and reduced risks to potential threats.
The ABCD University is among most modern IT based university with over 3,000 computers including desktop computers, terminal computers, and special purpose mini servers for facilitating over 19,000 students, lecturers, staff and administration. All the computers are networked internally including majority student residence areas connected to internal network as well.
Current system emphases include:
• Network and Desktop Systems
Voice and data network systems, network security, external networking such as the internet, the administration of fileservers and UNIX hosts, development and support of desktop operating systems and applications, development and implementation of strategic IT initiatives, and telephone systems and switchboard
• Technical Support
Technician presence at all campuses, offering support for network laboratories and audio-visual
Due in Week Seven: Outline the Access Control Policy. Describe how access control methodologies work to secure information systems
Premier Collegiate School has a staff of thirty (30) faculty members, including administrative staff and teachers, and an enrollment of 300 students. The school maintains two (2) servers, one for student usage applications and software, and one for administration. Also, teachers have ten (10) computers located in the teacher’s lounge; and each administrative personnel have dedicated computers (10) at their disposal. Each student is required to provide their own laptop with wireless access (ITT technical institute, 2016).
The essential legal policies for instituting an information security policy for any organization, regardless of tax status, such as commercial, non-profit entity or a federal agency and how those policies, both governmental and organizational, can impact an organization’s ability to ensure the integral information security triad of confidentiality, integrity and availability.
Areas similar to standards discussed Overview of the corporate philosophy on security Documents the Introduction and Purpose of the Information security policy of Chicago It provides a reasonable framework that helps the reader to understand the intent of the document
Webster characterizes "policy" as a "high-level overall plan embracing the general goals and acceptable procedures". It is, by and large acknowledged that an organization's information security policies should be the premise of its information security program. Particularly in case of global organizations, the requirement for sensible policies and the issues intrinsic in creating them are exceptionally critical. This paper serves as a dialog of some of the most common data security strategy-related matters that are common to global organizations and offer some approaches to resolving them.
Information security acts have been established with the intent to protect the rights of all citizens. Specifically to enhance privacy and confidentiality, models have been developed to aid organizations in securing citizens’ private information to attain assurance and security of their information. Legislation must be continuously updated to adapt to the growing use of technology and its effects of storing and using personal information. Public and private sector organizations must abide by government-mandated legislation regarding information security and risk management.
In any corporate setting or military installation, a need to define proper boundaries and procedures for safeguarding data can be a daunting and sometimes a seemingly impossible task. Delineating, clarifying, and communicating the responsibilities for protecting and defending information resources is the first step in creating a culture that is sensitive and responsive to information security issues.
The failure of organizations to implement a comprehensive and robust information security program can mean the untimely demise for some and costly setbacks for others. At the heart of information security is security policy. Without security policy there can be no security program. Without people, security policies would not exist. They would not be written, implemented, and enforced. Security policies and the adoption of standards provide many benefits as shall be discussed in this paper. Further is discussed how information in systems often falls under different classifications to reflect a degree of sensitivity and how this relates to an
Since the beginning of the Fall 2016 semester, we have covered a great deal of information in our information assurance class. We defined information security and discussed topics such as why we need security, the legal, ethical, and professional issues involving information security, managing and mitigating risks, how to effectively plan for security, tools such as intrusion detection and prevention systems, cryptography, physical
With the advent of the online era, comes a very new challenge of protection of confidential information from unauthorized access and its misuse or modification. The
In an age of rapidly expanding data and highly skilled threat actors, technological advancements present the urgent duality of great opportunity and great risk. A universities data is integral to both, and a critical asset that differentiates organizations. While it is impractical to completely ‘lock it down ' and yet it is open, use can threaten the organization 's existence. The challenge for IT team security leaders is striking a delicate balance being security aware and remaining business driven.
The Internet continues to grow exponentially. Personal, government, and business applications continue to multiply on the Internet, with immediate benefits to end users. However, these network-based applications and services can pose security risks to individuals and to the information resources of companies and governments. Information is an asset that must be protected. Without adequate network security, many individuals, businesses, and governments risk losing that asset.
The main Moto of this task is to develop IT services for an organisation as they required and which are essential. The main theme of this report is to know about the network basics, configurations, trouble shooting techniques, creating DHCP, DNS services, setting up with IP addresses, Ad structure and assign group policies, firewall configurations and virtualization, backup facility and disaster recovery.
The main Moto of this task is to develop IT services for an organisation as they required and which are essential. The main theme of this report is to know about the network basics, configurations, trouble shooting techniques, creating DHCP, DNS services, setting up with IP addresses, Ad structure and assign group policies, firewall configurations and virtualization, backup facility and disaster recovery.
The main Moto of this task is to develop IT services for an organisation as they required and which are essential. The main theme of this report is to know about the network basics, configurations, trouble shooting techniques, creating DHCP, DNS services, setting up with IP addresses, Ad structure and assign group policies, firewall configurations and virtualization, backup facility and disaster recovery.