I could use some advice for my computer security project. I\'m making a powerpoi

Question

I could use some advice for my computer security project. I'm making a powerpoint about a company called

Voalte (high-tech company developing modern hospital comm systems). For such a company, what type of security controls would they deal with?

I need to research state-of-the-art security controls and show tradeoffs associated with recommended best practices;

a. You must consider technical, administrative, and operational controls

b. You must also consider any compliance issues (e.g., government, industry) to which this organization might be held accountable

Applying a return on Investment (ROI) analysis for effective application of those security controls;

Explanation / Answer

For the company like Voalte, they deal with all the three types of security controls. All the three types of security controls are mandatory to ensure the confidentiality, integrity and avalability of information.

Considering only the technical, administrative and operational controls,

1.Procedural controls like incident response processes, management oversight, security awareness and training are taken care to ensure safety and security.

2.Legal and regulatory or compliance controls like privacy laws, policies(e.g. Voalte Privacy Policy) and clauses, bylaws are written to protect the company and it's actions and it's clients.

Voalte reserves the right to share demographic information about it's customers, sales and traffic to it's partners and advertisers. The data collected or shared by Voalte under this policy excludes any information that would be considered protected health information under HIPAA. As such, while Voalte operates in compliance with HIPAA, other applicable law, and its obligations under its customer agreements, this Policy creates no additional HIPAA or contractual obligations related to protected health information by Voalte.

3.Technical controls

Preventative controls like Security Awareness Training, Access controls, Firewall and IPS,Anti-virus are necessary measures as Voalte is a clinical communication software company.

Detective controls like Video Surveillance, System monitoring, Logs and Audit Trails are implemented.

Corrective controls like restoring operating system or data from a recent backup, updating an outdated antivirus, installing a fix are mandatory security measures.

Compansatory controls like backup in a remote server etc., are steps taken to ensure no data loss.

Voalte takes commercially reasonable steps to protect information we collect from us to prevent loss, misuse and unauthorized access, disclosure, alteration and destruction.The servers on which information is stored are kept in a controlled environment with limited access.

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.