APA_Unit1 - Security Policy Elements Running Head SP...

Info icon This preview shows pages 1–4. Sign up to view the full content.

View Full Document Right Arrow Icon
Security Policy Elements Running Head: SP Security Policy Elements - Week 1 Assignment Tushar Agarwal Kaplan University
Image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Security Policy Elements PART 1 When devising a Security Policy for Home Network / Small Business organization which elements should be considered have been outlined below with appropriate reasoning. The elements in consideration have been picked up from the Assignment Document: 1. Introduction – Can be skipped 2. Purpose – This is required as it defines what is the intent of drafting this document. Also what questions this document can answer in case of a conflict / confusion. 3. Organization Business Objectives – This can be skipped as this can be clubbed to the purpose. We are looking at small Organization. 4. Roles and Responsibilities – This is required as within a small organization there will be people who will be assigned to tasks. 5. Security Enforcement – Required as Violations definition and Action taken should be defined under this. 6. Security Incident Response – This is required for Disaster Recovery and any unknown incident accounted for day-to-day functioning. 7. Agreements with other Organizations – This is required for using licensed product and need to be recorded. 8. Applications Used a. Email, web, DNS, DHCP, File and print sharing – Required for the day to day functioning b. Special applications listed – Required. 9. Technical Security – This mainly concerns a System Policy but is there is not one applicable it should be part of this document. a. Security requirements – Required, brief outline for System Policy b. Security architecture – NA, Should be covered in Design. c. Security infrastructure - NA, Should be covered in Design. d. Encryption requirements – Required. e. Configuration management – NA Implementation details. 10. Identification of Sensitive Information – Required for protecting Proprietary and Business Sensitive Information a. Authentication requirements – Required as it carries over to System Configuration b. Access requirements – Required as this controls Data and System Access. If everyone has access to these it may lead to chaos c. Documentation requirements – Required for internal Use 11. Auditing Requirements – May not be required 12. Business Continuity Plan – Required for Incident Management Plan 13. Data Backup and Recovery Plan – Required for incident Management Plan 14. Appendices – Required for easy understanding
Image of page 2
Security Policy Elements PART 2: Threats to top 10 Element in an organization I have been involved with Software Development and Delivery and the most important Items and threats include: 1. Workstation (This Include developer workstation, Salesperson PC / Laptop and other support staff PCs) a. Internal Threats– Data Stealing, Unauthorized Access, Password sharing etc.
Image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 4
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern