Suppose you are the IT professional in charge of security for a small pharmacy t

Question

Suppose you are the IT professional in charge of security for a small pharmacy that has recently opened within a shopping mall. The daily operation of a pharmacy is a unique business that requires a combination of both physical and logical access controls geared towards protecting medication and funds located on the premises, as well as the personally identifiable information and protected health information of your customers that resides on your system. Your supervisor has tasked you with identifying inherent risks associated with your pharmacy and establishing strong physical and logical access control methods to mitigate the identified risks.

1) Firewall (1)

4) Desktop computers (4)

2) Windows 2012 Active Directory Domain Controllers (DC) (1)

5) Dedicated T1 Connection (1)

3) File Server (1)

Write an eight to ten (8-10) page paper in which you:

1.              Identify at least five (5) potential physical threats that require attention.

2.              Determine the impact of at least five (5) potential logical threats that require attention.

3.              Detail the security controls (i.e., administrative, preventative, detective, and corrective) that the pharmacy could implement in order to protect it from the five (5) selected physical threats.

4.              Explain in detail the security controls (i.e., administrative, preventative, detective, and corrective) that could be implemented to protect from the five (5) selected logical threats.

5.              For each of the five (5) selected physical threats, choose a strategy for addressing the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies.

6.              For each of the five (5) selected logical threats, choose a strategy for handling the risk (i.e., risk mitigation, risk assignment, risk acceptance, or risk avoidance). Justify your chosen strategies.

7.              Use at least five (5) quality resources in this assignment (no more than 2-3 years old) from material outside the textbook. Note: Wikipedia and similar Websites do not qualify as quality resources.

1) Firewall (1)

4) Desktop computers (4)

2) Windows 2012 Active Directory Domain Controllers (DC) (1)

5) Dedicated T1 Connection (1)

3) File Server (1)

Explanation / Answer

Physical threats:

You must keep yourself safe from the physical intruders. Be aware of individuals around you.

People around your office (study): Be aware of your neighbours.

People inside your office (study).

People at your workplace.

Be aware of the software and settings related to physical security. (Maintain good passwords, and keep your sensitive files safe, and protected).

The Portable Devices: The world has revolutionized and everything has moved onto USB’s and hard disks. We must keep our portable devices safe.

We can classify these Physical Threats into three headings:

Internal: such as fire threats, power supply.

External:Days of extreme heat/ quakes.

Human : Locked Doors/ Restricted Access to Computer.

Logical Threats:

Persistent Threats- This includes threats such as Trojan Horse, and phishing attacks.

Personal devices lead to security issues with external threats from their devices to misplacement of valuable company information.

Embedded Systems- Certain pop ups in websites, are malicious and pose a threat to the system.

The Cloud- Although it has great benefits but has several downsides as well like data loss, service traffic hijacking, malicious insiders, and shared technology vulnerabilities.

Un-authorized access to computer systems resources such as data

Security controls for Each:

Physical Threats:

For all the listed physical threasts, the best possible way to solve/secure your system would be to be more attentive.

Safeguard your tools/ devices.

Use passwords everywhere.

Keep all your devices locked

Maintain passwords standard.

Keep your data / data devices in a secure place.

Logical Threats:

Use of Anti-Viruses

Maintaining devices and keeping it safe from other devices in workplace.

Use pop-ups blocking at your internet.

Clouds are safe, but only when used cautiously, so use complicated passwords, and proper data back up!

Related Questions

Navigate

• Browse (All)
• Browse S
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.