100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Summary Signature Assignment Infrastructure Best Practices and Security.doc Running Head: GAIL SIGNATURE ASSIGNMENT: INFRASTRUCTURE, BEST PRACTICES, AND SECURITY 1 BSA/ 520 Gail Signature Assignment: Infrastructure, Best Practices, and S $7.49   Add to cart

Summary

Summary Signature Assignment Infrastructure Best Practices and Security.doc Running Head: GAIL SIGNATURE ASSIGNMENT: INFRASTRUCTURE, BEST PRACTICES, AND SECURITY 1 BSA/ 520 Gail Signature Assignment: Infrastructure, Best Practices, and S

 0 view  0 purchase
  • Course
  • Institution

Signature Assignment Infrastructure Best Practices and S Running Head: GAIL SIGNATURE ASSIGNMENT: INFRASTRUCTURE, BEST PRACTICES, AND SECURITY 1 BSA/ 520 Gail Signature Assignment: Infrastructure, Best Practices, and Security BSA/ 520 Introduction Gail Industries is com...

[Show more]

Preview 2 out of 6  pages

  • March 18, 2021
  • 6
  • 2020/2021
  • Summary
avatar-seller
Running Head: GAIL SIGNATURE ASSIGNMENT: INFRASTRUCTURE, BEST
PRACTICES, AND SECURITY 1


BSA/ 520


Gail Signature Assignment: Infrastructure, Best Practices, and Security


BSA/ 520




Introductio
n

Gail Industries is committed to ensuring Smallville’s IT Infrastructure is protected

from Cyberattacks. Gail has recently completed an IT review on SCOPE’s present security and

infrastructure policies and practices. Although Smallville does have policies and procedures in

place for staff to follow, the assessment uncovered several vulnerabilities. Policies will not

resolve SCOPE’s problems. However, if clearly written and observed, these policies will

outline the standards which the organization demands. Requirements that will not only protect

Smallville’s information and systems but staff members and the organization itself.



Existing Policies, Practices, and
Infrastructure

Areas of Concern Controls in Place
 Two-Factor Authentication (Retinal Eye Scan and Badge Access
 Card) Badges Acquired via Staff Management Form
 Only Departmental Managers Approves Badge Requests
 Only IT Personnel can Assess the Badge Access System
Physical Access to Data  Badges are Revoked for Terminated Staff During the Termination
Center Process
 Badge Reviews are Conducted Monthly
 Visitors Must Sign a Logbook and Provide a Picture ID Before Entering
 Authorized IT Personnel and Equipment Technicians has Access
 CCTV Surveillance Cameras Throughout the Facility and Data Center
 Recordings from CCTV are kept for at Least 45 Days
Physical Access to  Documented Physical Access Procedures
Facilities  Badge Door Access System
 Badge Request through Employment Management Form through GEO
 Badge Request approved by Departmental Management
 Administrative Access to Badge Access System Restricted to Authorized
IT Staff only

,  All Terminations go through a Termination Process in which Badge
Access Privileges are Revoked
 Badge Access Privileges are Reviewed Monthly by IT Manger
 Administrative Staff Monitor the Two Entrances into Facilities
 Both Facilities Entranceways Always remain locked
 All Visitors must Ring Video Doorbell that answered by the
Receptionist.
 All Visitors must Sign a Logbook upon Entering Facilities
 All Visitors must Wear a Visitor’s Badge
 All Visitors must be Escorted by an Authorized Staff Member upon
accessing sensitive areas
 CCTV Surveillance Cameras Throughout the Facility and Data Center




Change Management  Documented Change Management Policies and Procedures are in Place.
 Provisions for Emergency Changes to Infrastructure and Operating
Systems are in Place
 All Change Request are Documented on a CR (Change Request) Form
 All CR’s must Contain Change Details Including Change Requestor,
Date of Request, Change Description, and Change Specifications
 Management will Hold Weekly Meetings with the CAB (Change
Advisory Board) to review and prioritize CRs
 CAB Approves all Changes before Implementation
 Management authorizes CRs in the CAB Meeting by signing off on the
CR form
 Prior to Change Implementation, Detail testing is performed
 Detail Testing are Conducted in a test in Environment Logically
Separated Production Environment
 All Infrastructure and Operating System Updates to the Production
Systems are Restricted to User Accounts of Authorized IT Personnel
Logical Security  Documented Information Security Polices are Updated Annually
 Prior to Access to Infrastructure and Operating Systems, All Users
must be Authenticated via User Account and Passwords.
 CSS Enforces Passwords Best Practices:
Minimum Password Length
Password Expiration Intervals
Password Complexity
Password History Requirements
Invalid Password Account Lockout Threshold
Before Granting Access to Applications, CCS Application is Utilized to
Authenticate Users via Use of Individual User Accounts and Passwords

CSS Utilizes Predefined Security Groups for Role-Based Access
Privileges.



Analyzing Security Practices and Infrastructure

After careful review of Smallville's existing policies, practices, and infrastructure, it has

been determined that SCOPE, overall, has many controls in place to protect the organization's

intellectual and physical assets. However, several concerns were noted and needed to be

addressed.

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller helperatsof1. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $7.49. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

76799 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$7.49
  • (0)
  Add to cart