Essay on "Security Policy and Risk Strategy"

Home > Topics > Computers & Internet My Account

Essay 4 pages (1383 words) Sources: 2

[EXCERPT] . . . .

Security Policy and Risk Strategy

Over the last several years, a variety of organizations have begun to implement various security and risk assessment protocols, to ensure that they are protected against the changing nature of threats against them. This has caused many organizations to assume that they are safe from all possible threats, which increases the overall amounts of vulnerability. As this lack of vigilance has created a situation where some type of security vulnerability will be missed. Once this happens, is when the entire network is exposed to these threats. In the case of Making Money Corporation (MMC), they are vulnerable to the changing nature of threats from: the different locations and the large amounts of personal / financial information that they store on their servers. As a result, the company is interested in implementing a robust data recovery plan. To successfully implement this type of protocol requires examining: the characteristics of the environment, the responsibilities for selecting / maintaining the strategy, the procedures / products that will be used, how the procedures / products will help the organization and where these procedures / products should be implemented within the company. Together, these different elements will provide the greatest insights as to how MMC can successfully implement a new risk protocol.

Characteristics of the particular environment that may influence the strategy

Since the company has 30 branches across three different states, means that there is always that possibility that security could be breached or compromised in some way. This could be in the form of hackers being able to successfully p

Continue scrolling to

download full paper ⤓

enetrate a location's security infrastructure. Where, the it staff at a particular location many assume that they are safe, without keeping on top of the changing nature of the threat. This is problematic because once such attitudes begin to occur, means that there is the possibility that the financial information of a particular branch could be compromised. An example as to how severe this problem has become can be seen with a study that was conducted by the Department of Homeland Security, which found that 30% of companies monitor and test their plans. (Mason, 2010) This is significant, because it shows how each individual branch could have its own unique security threat. If they are not testing their plan, then the realistic possibility exists that at some point, hackers will successfully penetrate the system. The way that you could implement these risks in the system, is to have a team that will randomly test the security of each location (unannounced). Once the vulnerabilities are discovered, is when they can work with the it personnel at each location to rectify these different security issues.

Roles involved in the selection and maintenance of the strategy

To successfully implement and maintain any kind of security protocol requires that the entire staff understands their responsibilities. At which point, they would then communicate the different issues that could be encountered. As a far as the management is concerned, their responsibility is to maintain the necessary leadership and constant focus on always identifying weaknesses in the system. This would include: ensuring that there are sufficient funds for the it personnel to implementing new changes quickly. The various it staff would serve as the front line defense that is monitoring for various breaches and is communicating this information to management / staff. Once the staff is informed of what is occurring; they can serve in secondary role by monitoring for any kind of strange activity. You would then, have an independent team of security personnel, at another location that will constantly seek out ways to exploit the system's vulnerabilities. At which point, they would report to management what they discovered.

Selection of a particular set of procedures and products

The procedure that will be selected is one that involves the process of streamlining. Since, the company is using a total of 50 different servers, makes it obvious that each location is storing their own set of information. This increases the overall security risks that are faced by the company exponentially. To effectively prevent such situations, requires using a single protocol that will store all information at two… READ MORE

Download Full Paper

Write a New Paper for Me

Quoted Instructions for "Security Policy and Risk Strategy" Assignment:

“

Create a strategy for incorporating risk assessment and security policy implementation into the security plan for the Making Money Corporation. This strategy should include the following components:

-Characteristics of the particular environment that may influence the strategy. (Describes characteristics of the environment that may impact the creation of a security policy and risk strategy and elaborates on how to integrate those characteristics into a successful plan.)

-Roles involved in the selection and maintenance of the strategy. (Identifies all of the organizational roles involved with the selection and maintenance of a security policy and risk strategy and provides support for the roles included in the strategy.)

-Selection of a particular set of procedures and products. (Identifies products that are appropriate for the organization to use as part of a security policy and risk strategy and provides support for the products selected.)

-Support for why these procedures and products are the optimal approach for this organization.

-High level architectural and design details for how and where these procedures and products will be implemented within the organization. (Describes a high level architecture for how products will be integrated into the design of a security policy and risk strategy and provides support for the selection of this particular design.)

Here is the info on the company the paper should be written about.

The organizations name is the Making Money Corporation (MMC). MMC has one corporate center and 30 branch locations scattered across three states. The corporation has a fairly well rounded IT staff which consists of system engineers, network engineers, a Database Administrator, helpdesk personnel, who all report to a CIO.

The network is comprised of a single Microsoft Active Directory domain with domain controllers at each physical location. The branches connect back to the corporate office via a T1 MPLS WAN connection. The corporationÐ Ð†Ð *****šÐ²*****žÑžs sole Internet connection is at the corporate center. The computers and VoIP phones connect via CAT6 cable runs to 3Com and Cisco network equipment.

The corporation has a core business application which has business operation platforms plug-ins. The core business application houses the customer information and all associated accounts in a relational database. The platforms used are a lending platform and a collections platform. The corporation has just recently implemented a document scanning solution that will digitally capture all paper documents used for customer interaction. An accounting application is used to keep track of the institutions general ledger, assets, and other accounting functions. MMCÐ Ð†Ð *****šÐ²*****žÑžs HR department utilizes a payroll and benefits system that is a software as a services type of architecture.

Few key personnel are issued laptop computers which is less than 15 employees. The rest of the employees use workstations. There are around 50 server class computers. Each branch has exactly one server which is a domain controller and core application server.

The corporation uses a backup to disk solution for its critical servers. The corporation is interested in implementing a robust Disaster Recovery (DR) solution for its critical computer infrastructure.

How to Reference "Security Policy and Risk Strategy" Essay in a Bibliography

“Security Policy and Risk Strategy.” A1-TermPaper.com, 2010, https://www.a1-termpaper.com/topics/essay/security-policy-risk-strategy/61680. Accessed 3 Jul 2024.

Security Policy and Risk Strategy (2010). Retrieved from https://www.a1-termpaper.com/topics/essay/security-policy-risk-strategy/61680

A1-TermPaper.com. (2010). Security Policy and Risk Strategy. [online] Available at: https://www.a1-termpaper.com/topics/essay/security-policy-risk-strategy/61680 [Accessed 3 Jul, 2024].

”Security Policy and Risk Strategy” 2010. A1-TermPaper.com. https://www.a1-termpaper.com/topics/essay/security-policy-risk-strategy/61680.

”Security Policy and Risk Strategy” A1-TermPaper.com, Last modified 2024. https://www.a1-termpaper.com/topics/essay/security-policy-risk-strategy/61680.

[1] ”Security Policy and Risk Strategy”, A1-TermPaper.com, 2010. [Online]. Available: https://www.a1-termpaper.com/topics/essay/security-policy-risk-strategy/61680. [Accessed: 3-Jul-2024].

1. Security Policy and Risk Strategy [Internet]. A1-TermPaper.com. 2010 [cited 3 July 2024]. Available from: https://www.a1-termpaper.com/topics/essay/security-policy-risk-strategy/61680

1. Security Policy and Risk Strategy. A1-TermPaper.com. https://www.a1-termpaper.com/topics/essay/security-policy-risk-strategy/61680. Published 2010. Accessed July 3, 2024.

Related Essays: