100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
Previously searched by you
Summary Signature Assignment Infrastructure Best Practices and Security.doc Running Head: GAIL SIGNATURE ASSIGNMENT: INFRASTRUCTURE, BEST PRACTICES, AND SECURITY 1 BSA/ 520 Gail Signature Assignment: Infrastructure, Best Practices, and S$7.49
Add to cart
Summary Signature Assignment Infrastructure Best Practices and Security.doc Running Head: GAIL SIGNATURE ASSIGNMENT: INFRASTRUCTURE, BEST PRACTICES, AND SECURITY 1 BSA/ 520 Gail Signature Assignment: Infrastructure, Best Practices, and S
0 view 0 purchase
Course
University Of Phoenix UoP
Institution
University Of Phoenix
Signature Assignment Infrastructure Best Practices and S Running Head: GAIL SIGNATURE ASSIGNMENT: INFRASTRUCTURE, BEST PRACTICES, AND SECURITY 1 BSA/ 520 Gail Signature Assignment: Infrastructure, Best Practices, and Security BSA/ 520 Introduction Gail Industries is com...
signature assignment infrastructure best practices and securitydoc running head gail signature assignment infrastructure
and security 1 bsa 520 gail signat
Written for
University Of Phoenix
University Of Phoenix UoP
All documents for this subject (3705)
Seller
Follow
helperatsof1
Reviews received
Content preview
Running Head: GAIL SIGNATURE ASSIGNMENT: INFRASTRUCTURE, BEST
PRACTICES, AND SECURITY 1
BSA/ 520
Gail Signature Assignment: Infrastructure, Best Practices, and Security
BSA/ 520
Introductio
n
Gail Industries is committed to ensuring Smallville’s IT Infrastructure is protected
from Cyberattacks. Gail has recently completed an IT review on SCOPE’s present security and
infrastructure policies and practices. Although Smallville does have policies and procedures in
place for staff to follow, the assessment uncovered several vulnerabilities. Policies will not
resolve SCOPE’s problems. However, if clearly written and observed, these policies will
outline the standards which the organization demands. Requirements that will not only protect
Smallville’s information and systems but staff members and the organization itself.
Existing Policies, Practices, and
Infrastructure
Areas of Concern Controls in Place
Two-Factor Authentication (Retinal Eye Scan and Badge Access
Card) Badges Acquired via Staff Management Form
Only Departmental Managers Approves Badge Requests
Only IT Personnel can Assess the Badge Access System
Physical Access to Data Badges are Revoked for Terminated Staff During the Termination
Center Process
Badge Reviews are Conducted Monthly
Visitors Must Sign a Logbook and Provide a Picture ID Before Entering
Authorized IT Personnel and Equipment Technicians has Access
CCTV Surveillance Cameras Throughout the Facility and Data Center
Recordings from CCTV are kept for at Least 45 Days
Physical Access to Documented Physical Access Procedures
Facilities Badge Door Access System
Badge Request through Employment Management Form through GEO
Badge Request approved by Departmental Management
Administrative Access to Badge Access System Restricted to Authorized
IT Staff only
, All Terminations go through a Termination Process in which Badge
Access Privileges are Revoked
Badge Access Privileges are Reviewed Monthly by IT Manger
Administrative Staff Monitor the Two Entrances into Facilities
Both Facilities Entranceways Always remain locked
All Visitors must Ring Video Doorbell that answered by the
Receptionist.
All Visitors must Sign a Logbook upon Entering Facilities
All Visitors must Wear a Visitor’s Badge
All Visitors must be Escorted by an Authorized Staff Member upon
accessing sensitive areas
CCTV Surveillance Cameras Throughout the Facility and Data Center
Change Management Documented Change Management Policies and Procedures are in Place.
Provisions for Emergency Changes to Infrastructure and Operating
Systems are in Place
All Change Request are Documented on a CR (Change Request) Form
All CR’s must Contain Change Details Including Change Requestor,
Date of Request, Change Description, and Change Specifications
Management will Hold Weekly Meetings with the CAB (Change
Advisory Board) to review and prioritize CRs
CAB Approves all Changes before Implementation
Management authorizes CRs in the CAB Meeting by signing off on the
CR form
Prior to Change Implementation, Detail testing is performed
Detail Testing are Conducted in a test in Environment Logically
Separated Production Environment
All Infrastructure and Operating System Updates to the Production
Systems are Restricted to User Accounts of Authorized IT Personnel
Logical Security Documented Information Security Polices are Updated Annually
Prior to Access to Infrastructure and Operating Systems, All Users
must be Authenticated via User Account and Passwords.
CSS Enforces Passwords Best Practices:
Minimum Password Length
Password Expiration Intervals
Password Complexity
Password History Requirements
Invalid Password Account Lockout Threshold
Before Granting Access to Applications, CCS Application is Utilized to
Authenticate Users via Use of Individual User Accounts and Passwords
CSS Utilizes Predefined Security Groups for Role-Based Access
Privileges.
Analyzing Security Practices and Infrastructure
After careful review of Smallville's existing policies, practices, and infrastructure, it has
been determined that SCOPE, overall, has many controls in place to protect the organization's
intellectual and physical assets. However, several concerns were noted and needed to be
addressed.
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller helperatsof1. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $7.49. You're not tied to anything after your purchase.