Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Objective: Evaluate security policy clauses, identify deficiencies, and update p

ID: 3808484 • Letter: O

Question

Objective: Evaluate security policy clauses, identify deficiencies, and update policies in response to events or changes. Description: Security policies should be revised to address security breaches or new threats. In this project, you evaluate the theft of proprietary information and identify some obvious deficiencies in a security policy. Then you recommend changes to the security policy to prevent similar incidents from recurring. A local branch office of a major national stock brokerage had no policy that required the termination of user ID and password privileges after employees leave. A senior trader left the brokerage and was hired by a competing brokerage. Shortly thereafter, the first brokerage lost two clients who said they were moving to a competing firm; their personal data files disappeared mysteriously from the company’s databases. In addition, a year-end recommendations report that the senior trader had been preparing was released two weeks early by the competing brokerage. An investigation of the company’s access logs revealed that the employee records file had been accessed by someone outside the company. The job records, however, did not reveal whether the report had been stolen because they had not been set up to record object accesses in a log. The existing security policy states the following:

“On termination, employees shall surrender any laptops, disks, or computer manuals they have in their possession. They are no longer authorized to access the network, and they shall not take any hardware or software when they leave the office.”

1. What changes would you make to the existing security policy so that security is improved after employees are terminated?

2. Brainstorm for ideas to develop a security policy clause that covers access of company records and helps track when files are accessed.

Explanation / Answer

Answer 1: The changes required in the existing security policy are as follows:

1. Secure the wifi network, so than any unauthorized user done not get access to network and get paitent information and their data.

2. Use latest antivirus software to keep your desktop safe from malicious virus.

3. Proper access rights should be given to the staff of physician office, only auhorized users can have access to paitent reports.

4. Operating system of desktop should be upgrade too.

Answer 2: The developed security policy is as follows:

Security Policy: Security policy is being used to maintain atleast a minimum required security in networks as well as in industrial control systems. This policy include following given steps:

1) Identify: Here in this very step, ve identify the various resource, that we have look for the security issues. In the other way, we can say that, here in this step, we identify, what we need to protect or look for the security issues.

2) Asses: As in the first step various assets have been identified, so now in this step, we perform a security assessment on the resources as well as assets identified on the very first step. Here in this step we take care of various aspects of processes as well as of procedures to look for vulenrability as well as of security concerns. On the bases of the assessment, we derive the security issues as well as the security results, which tells about the security related issues of resource as well as of assets.

3) Protect: Here in this step, we work on the security issues found in the assessment step. Here we try to protect our procedures as well as the processes for security threats. We work on the security issure related results and try to protect and mitigate each and every resources involved in the process.

4) Monitor: After protecting the resources and the processes, we have to keep monitoring it, monitoring is required so that same process, procedure or the resource does not show the security concerns again.

So we can say the security policy is to devlop a security plan that can results in to the imporoved security of our systems as well as of networks. It also provide a model to continuously monitoring our systems and the resources. Security policy provides us the process in which one step leads to the second step and these step wise activities provide us refine and secure system. This security policy is the process that must be executed continuously, as its an ongoing process that help the system in security related issues.

Related Questions

Objective-C Create an app for a one player guessing game. The program chooses an
Question #650358
Objective/ Purpose: As Introduction to Business students, it is imperative to ob
Question #2536758
Objective: (2.4) Use the Empirical Rule 21) If one card is drawn from a standard
Question #3226896
Objective: (Please write in python) Write a program that lets the user play the
Question #3607208
Objective: (Please write in python) Write a program that lets the user play the
Question #3607567
Objective: -In C translate a virtual address to a physical address, involving a
Question #3715712
Objective: -In C translate a virtual address to a physical address, involving a
Question #3717968
Objective: 1. Ability to implement class, and application on it. Question: 1. Cr
Question #3634795

Navigate

Previous
Objective: Develop class definitions and implementations to demonstrate C++ inhe
Next
Objective: Exercise inheritance in Java. Java program: 1. Create a class named R

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.