The Security Plan And A Standard Operating Procedure For Daily Operations

1163 Words Aug 9th, 2014 5 Pages
Thesis Statement Social engineering is one of the greatest threats to any given security system, let alone any information system.
Introduction
When thinking about security, we have to think about the inevitable possibility of our system of protection being breached. This paper will portray a scenario where I have been hired as the security administrator of a major organization that was recently breached by a social engineer. A thorough analysis of the network security will reveal that there is no security plan in place and no standard operating procedures for e-mail, acceptable use, physical security, and incident responses. This will be remedied with the proper understanding of the organization’s network and daily operations in order to develop a proper security plan and a standard operating procedure for daily operations.
The Security Plan A company’s information security plan is managed by the IT department and encompasses responsibility for the company’s entire network. The security plan requires the IT department personnel to understand how the company’s network functions in a day-to-day role. Every security plan requires at least five of these elements: security risk analysis, security strategies, public key infrastructure policies, security group descriptions, group policy, network logon and authentication strategies, information securities strategies, and administration policies (Microsoft). A security plan is not very useful if no one…
Open Document