20190817165824policy.edited__1_.edited.docx - Running head...

This preview shows page 1 - 4 out of 8 pages.

Running head: OPERATIONS SECURITY 1 Your name Instructor’s name Course Date of submission
Running head: OPERATIONS SECURITY 2 The organization type that was chosen as a scenario was business. QUESTION 1 Training of the employees with the principles of cybersecurity will reduce the cost of cyber-attack. The organization should also install, use and have a regular update of the antivirus software for all the computers which are used in the business. The firewall should be used for the internet connection. It is also important for the business to make the backup copies for important data and information of the business. There is also the downloading and installing of software updates in the operating systems and the applications of the business. Securing the business Wi- Fi networks is another business driver relevant to IT security. The employees should also be limited to the access of the data and information of the business and each employee should also have an individual user account. The business should also change the passwords of the devices regularly (Ionescu, 2015). Question 2 In the business scenario, the law of PCI DSS should be a must because it helps in preventing financial losses. The regulation helps in reducing the risk of data loss in the debit and credit cards. The regulation suggests how the data loss can be prevented, detected and the reaction if the breaches of the data had occurred. The financial and service institutions, and the organizations that process the confidential, private and non-public data must comply with the No. 16(SSAE 16) law. The law gives a universal standard for the organizations in protecting the customers’ information. It is not a must for businesses to use the ITIL regulation. The law will not be relevant if the people implementing it do not have a good understanding of the
Running head: OPERATIONS SECURITY 3 framework. For the law to benefit the business all the stakeholders should first understand the law (Cohen, 2017). Question 3 The user domain is a system where the domain controller stores the username and the passwords of users and not most applicable since the employee can delete the data. The workstation domain is the networking of all the computers in the same domain and it is most applicable especially in installing the software. LAN domain is the interconnection of small devices in shorter distances and it is most applicable since many devices can share a common resource. The WAN domain is a system where devices are linked to long distances and it is most applicable enabling organizations to communicate faster. The LAN-WAN domain is a system

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture