Premium Essay

How to Plan for Security

In: Business and Management

Submitted By ramen21
Words 1907
Pages 8
How to Plan for Security
i). Statement of Policy
This policy statement seeks to address the optimum and responsible use of the wireless local area network WLAN facility available at the university in relation to specific network security issues. The issue of concern in this policy is the promotion of responsible use of the WLAN facility among the university’s student and workers. The strategy aims at preventing security problems that may arise from the misuse and malicious exploitation of the facility by people granted approval to access the university’s WLAN information systems.
a) Scope and Applicability
The scope of this policy statement covers the hardware, software and access protocols associated with the WLAN use by students and workers at the university. The policies adopted will seek to regulate access permissions for the users of the WLAN facility and to promote responsible use in line with policies outlined in this policy document and by industry standards and legal requirements of use.
b) Definition of Technology Address
The WAN is available for use by the students and workers within the university. The WLAN facility provides access to information systems meant to facilitate the learning and worker needs by providing information access and software platforms.
c) Responsibilities
The administration and management of the WLAN facility is the responsibility of appointed network administrators at the university’s faculty of Information and Communication Technology. The network administrators are tasked with managing access control protocols, hardware and software maintenance, network security, and undertaking the necessary development and improvement as required (David & Michael, 2010, P.47). The network administrators are tasked with drafting suitable policies, including this policy document, which would be used to guide the governance, optimization and…...

Similar Documents

Premium Essay

Security Plan

...1.0 Overview This remote access policy defines standards for connecting to the organizational network and security standards for computers that are allowed to connect to the organizational network. It also specifies how remote users can connect to the main organizational network and the requirements for each of their systems before they are allowed to connect. The remote access policy defines the method users can use to connect remotely such as VPN. It will specify when using the VPN, the VPN protocols used will be defined. Methods to deal with attacks should be considered in the design of the VPN system. 2.0 Purpose The purpose of this policy is to define standards for connecting to remote offices located in Atlanta, San Francisco, Chicago, and Dallas. These standards are designed to minimize the potential exposure to the remote offices from damages which may result from unauthorized use of resources. Damages include the loss of sensitive or confidential data, intellectual property, damage to public image, damage to critical internal systems, etc. 3.0 Approval Any remote access using VPN or any other remote access to the organizational network must be reviewed and approved by the appropriate supervisor. All employees by default will have account settings set to deny remote access. Only upon approval will the account settings be changed to allow remote access. 4.0 Remote Computer Requirements 1. An anti-virus product is required to be operating on the computer......

Words: 507 - Pages: 3

Free Essay

Primus Securities Business Plan

...monetary resources will budgeted in accordance with long-term phased implementation plan. Quarter Projected Budget Projected Profit/Loss Projected Website Rank 1 $90,000 ($22,000) 39 2 $50,000 $210,000 22 3 $65,000 $407,000 13 Resources Primus Securities will hire technology professionals. The technology team will initially include a system administrator, webmaster, and a maintenance programmer, and it should be expanded as necessary in the future. As new features are being implemented, the team would grow to potentially include more programmers, a system architect, a graphics designer, a database administrator, etc. A major benefit of in house development of projects is that the ability to customize features to the exact desired specifications and to continually fine tune the system. If there is an aggressive timeline or a limited budget, an alternative would be to contract with an outside vendor to create the website but beware of the following risks involved: „X Website Solution. There is often a tendency to get a more ¡§cookie cutter¡¨ solution. The website would not be unique enough for customers to recognize the benefits versus those of its competitors. „X Service Level Agreement. Vendor may fail to meet the company¡¦s requirements and expectations of SLA. „X Rate Fluctuations. Negotiated rate may not be the same from project to project. „X Security Risks. There may be security issues or concerns when outsourcing to a third-party company. The company might......

Words: 1893 - Pages: 8

Free Essay

Security Plan

...ensures that only those with the rights and privileges to access information are able to do so. When unauthorized individuals or systems can view information, confidentiality is breached.” (http://arapaho.nsuok.edu/~hutchisd/IS_4853/C6572_01.pdf) “In an organization, the value of confidentiality of information is especially high when it involves personal information about employees, customers, or patients. Individuals who deal with an organization expect that their personal information will remain confidential, whether the organization is a federal agency, such as the Internal Revenue Service, or a business.” ((http://arapaho.nsuok.edu/~hutchisd/IS_4853/C6572_01.pdf.) This is a concept true in the Army there are two different levels of security clearances for everyone. There is the secret and the top secret each requires a vigorous investigation into a person’s past to make sure they should have the level of clearance they are requesting. If a person doesn’t have at least a secret clearance they are not allowed to access the SIPRnet, which is the Secret Internet Protocol Router Network. This network protocol holds all of the units secure data and can only be accessed by personnel with the proper clearance. Integrity “Information has integrity when it is whole, complete, and uncorrupted.” (http://arapaho.nsuok.edu/~hutchisd/IS_4853/C6572_01.pdf.) “The integrity of information is threatened when the information is exposed to corruption, damage, destruction, or other......

Words: 889 - Pages: 4

Premium Essay

Security Plan

...members. “In most countries, candidates for the police force must have completed some formal education. Many police forces around the world have now developed a program where selectees with university degrees spend two to three years as a Constable before receiving promotion to higher ranks, such as Sergeants or Inspectors” (Cole & Smith, 2004). Police officers are also recruited from those with experience in the military or security services. In the United States state laws determine qualification standards regarding age, education, criminal record, and training, however some requirements may be mandated by local police agencies. VCPD’s organization and management, although functional, lacks the structure and diversity needed to facilitate and grow as a police department. The organizational strategy for an effective police department operates in three areas. 1. Strategic—the organization's overriding philosophy 2. Tactical—that philosophy in action 3. Personal—the philosophy manifested in the behavior of each officer. The organizational plan gives the officer permission to do what they do best, resulting in their courage and confidence to act.VCPD’s management should have a systems approach, a process where “each organizational area works together to process information in a logical manner for rational decision making to achieve desired result" (Neocleous, 2004). According to Moore & Stephens, in order to support the systems approach, the police department......

Words: 1902 - Pages: 8

Free Essay

Enterprise Security Plan

...Enterprise Security Plan Enterprise Security Plan Smith Systems Consulting (SSC) is a major regional consulting company. Headquartered in Houston, Texas, the firm’s 350 employees provide information technology and business systems consulting to its clients in a wide variety of industries including manufacturing, transportation, retail, financial services and education. Smith Systems Consulting (SSC) is a service provider. It provides IT services for other companies. Security is essential for SSC because it not only requires security for itself, but SSC also has many customers depending on it to provide top level IT services, which also includes security. Enterprise risks are a part of all business and how we address these risks determines how successful we are in the business world. Risks can be defined by “any exposure to the chance of injury or loss.” (Cheryl l. Dunn, 2005) Risks can be internal or they can come to us from outside sources in the form of external risks. Both types of risks pose a threat to the overall security of the enterprise. An Enterprise Security Plan (ESP) outlines possible risks by identifying the vulnerabilities within the business process and ranks the vulnerabilities for ease in developing a mitigation plan. The ESP also identifies technologies and policies that will help in the development of an operational plan that protects the business process and intellectual property of your corporation. Within this ESP we have developed 3......

Words: 1749 - Pages: 7

Premium Essay

Security Plan

...Security plan The security plan is based on the fact that the institution is working on a stringent and anything expensive would be unfair and might seem unreasonable. The security plan is as a result of the increasing population at the institution. Its also facilitated by the fact that Physical plant intrusion eg burglary A watch tower should be raised above the MPSETC this will ensure that everything around the institution can be seen well. The street lighting should also be raised with the lighting focusing around the whole institution. Plant intrusion can most likely happen at night and that is why it is important to make sure that the education and training center is well lit and guarded at night. Mpsetc ought to employ more security officers to watch over this area from the proposed towers. Doing this will also be very cheap as it does not require any complex resources. Property damage interior and exterior eg vandalism and theft Personal security eg assault, personal property loss/damage The top priority of the Maryland Department of Public Safety and Correctional Services is to ensure the safety of our staff and the incarcerated offenders in our care. That we have been able to drive down department-wide serious assaults on our correctional officers by 60 percent since FY 2007 is evidence of that, as is the 53 percent drop in inmate serious assaults during that time. We've lowered total assaults on staff by 34 percent at North Branch Correctional Institution......

Words: 550 - Pages: 3

Premium Essay

Physical Security Plan

...Perimeter Protection As the Security Manager of Palm Beach Marina Cove (PBMC), I was informed that there will be an expansion to the existing condominium. PBMC II will be built next to PBMC on the east side of the property near the seawall. ABC construction will be the lead company to erect the PBMC II. A construction site has a high probability of internal and external threats. With the ongoing construction, we must put in place a perimeter protection plan. The perimeter protection plan must include best practices in perimeter protection for a construction site that integrates with the contiguous existing building, properly safeguard the perimeter of both sites during construction, my recommendations, and a budget for all recommendations. The protection plan will come with a price but we need to ensure the safety of all the residents of PBMC, but also take into considerations of ABC constructions equipment and materials. With undertaking of this huge project, we must look at the best practices for the construction site that integrates with the contiguous existing building. The first step in this process will ensure that the individuals that are working on the construction site will have a complete background check. The background check will be conducted by ABC Construction. If the employee is suitable to work on the site, he will be issued a badge with his or her picture on the card. If the individual is not suitable for the work site, then he...

Words: 1710 - Pages: 7

Free Essay

Security and Maintenance Plan

...Security and Maintenance Plan Section Overview > Section 1 Operating Procedures > Section 2 Security and Maintenance Plan > Section 3 Policy > Section 4 Security & Maintenance Schedule > Section 5 Security & Maintenance Checklist Section One Operating Procedures This plan constitutes the “Standard Operating Procedures” relating to physical, cyber, and Procedural security for all (Utility) for all server rooms. It contains a comprehensive overview of the (Utility)’s security program, and in some sections, makes reference to other relevant plans and procedures. Security personnel, operators, and selected server personnel shall be familiar with the information and procedures associated with this Security Plan. Section 2 Security and Maintenance Plan Purpose This policy is to be used as a reference when issuing keys within the (Utility). It will also Explain our policy for returning keys, reporting lost or stolen keys, the use of unauthorized Duplicate keys and loaned keys. The key system will be entered into the computer-based Key Control Program for on-going Maintenance and will be maintained by the Key Administrator. The Facilities Department will program cores and cut keys, and the Key Administrator will issue keys. 6. Issuing Authority – Keys will be authorized in writing for issuance to employees of the (Utility) by one of the following individuals: a) General Manager b) Executive Managers or their designees c)......

Words: 1848 - Pages: 8

Premium Essay

Security Plan

...Your Company Security Plan for Unclassified Data Version 1.3 March 20, 2012 Developed By: Your Committee Committee Your Company Important Disclaimer: The Aerospace Industries Association of America, Inc. (“AIA”) has no intellectual property or other interest in this Aerospace Industry Guideline for Developing a Security Plan for Unclassified Data. By developing this Aerospace Industry Guideline for Developing a Security Plan for Unclassified Data Plan and making it freely available to anyone, AIA assumes no responsibility for this Guideline’s content or use, and disclaims any potential liability associated therewith. Executive Overview From time to time an AIA member company may be requested to provide the DOD, a prime contractor or an industry partner an Information Technology Security Plan for unclassified data. This security plan could be required at the enterprise, program or application level depending on the unique requirements of the request. This request might be challenging for those members that have never been required to provide such a document. This “Aerospace Industry Guideline for Developing a Security Plan for Unclassified Data” provides a template and guidance to assist member companies in the development of a security plan to meet their customers or partners needs. Please keep in mind that this document is provided as a guideline and not a mandatory standard. AII member companies are encouraged to use this guideline.......

Words: 2097 - Pages: 9

Premium Essay

System Security Plan

...Name: Professor’s name: Course: Date: Introduction System security plan document describe all the possible system security control measures, their application status and how they are implemented. It can therefore facilitates the implementation of security processes by guiding the individual involved in this process. This document addresses the first version of system security plan (SSP) of automated banking system. The purpose of this report is to describe the controls that are in place or are in the plan, the expected behavior and the responsibilities of the individuals who uses or access the system. The document structures the planning process of implementing the security control procedures to provide adequate security and cost-effective security protection for the system. Management, operational and technical controls have been identified and discussed in details. The different family of system security controls are defined and discussed comprehensively how their implementation status and how they are implemented. DOCUMENT CHANGE CONTROL Version | Release Date | Summary of Changes | Addendum Number | Name | Version 1 | 22/4/2015 | | 1 | System security plan 1 | SYSTEM IDENTIFICATION Automated banking system is a company application system that has been categorized as a primary system according to FIPS......

Words: 1354 - Pages: 6

Premium Essay

Industrial Security Plan

...Industrial Security Plan Lionel San Jose 05/04/15 SEC 330 Craig Barnhart Industrial Security Plan When people think about different organizations and businesses all they think about is profit and how well the organization or business is thriving but organizations and businesses see more than just profit, they have to deal with protecting this profit along with all other assets affiliated with them. Most people think that hiring security guards and putting up some cameras are enough to keep a place safe but there is much more to keeping assets safe. Organizations should have an industrial security plan in place which will help protect their assets and make their facility a safer working environment. There are a few requirements that need to be addressed in this industrial security plan such as the roles and responsibilities of safety and security officers, OSHA and EPA regulations, emergency response to manmade and natural disasters, and business continuity and recovery from disasters. Roles and Responsibilities Organizations need safety and security personnel within their organization if they want to be protected. There are many different kinds of hazards and risks that can harm any organization but with the help from safety and security personnel these risks and hazards can be minimized or even prevented. Safety and security personnel are not required for an organization to operate as long as the organizations are operating within regulations and it is up to......

Words: 1883 - Pages: 8

Premium Essay

Security Management Plan

...IT 454 Security Management Plan Marshall Miller December 20, 2015 Table of Contents Section 1: Information Security Management 4 Intro to Organization 4 People 4 Physical Security 4 Training of Security 4 Information Technology Training 4 Technology 5 Project Manager Roles 5 Section 2: Security Program 6 Data Classification 6 Management Support 7 Hierarchy Reporting Structure 8 8 Section 3: Security Policies 10 Acceptable Use Policy 10 1. Overview 10 2. Purpose 10 3. Scope 11 4. Policy 11 5. Enforcement 13 6. Definitions 13 7. Implementation Date 13 Section 4: Security Policies 14 Risk Assessment 14 Quantitative Risk Analysis 14 Quantitative Risk Analysis 14 Methodologies 15 1. Transfer 15 2. Avoid 15 3. Reduce 15 4. Accept 16 Summary 16 Section 5: Controlling Risk 17 Administrative 17 Human Resources 17 Organizational Structure 17 Security Policies 18 Technical 18 Access Control 18 System Architecture 18 System Configuration 18 Physical 19 Heating and Air Conditioning 19 Fire 19 Flood 19 Summary 19 Bibliography 20 Section 1: Information Security Management Intro to Organization My organization is about a federally recognized business called JPPSO (Joint Personnel Property Shipment Office). JPPSO specializes in the shipping of military personnel goods. JPPSO works hand in hand with the United States Air Force to enforce the safe shipping of military household......

Words: 2755 - Pages: 12

Premium Essay

Security Plan

...The Security Plan The Floor Plan Name: Empire Purpose: Dance, Bar, VIP, Club Function: NightClub 13,000 Square feet, Two Story Building, 8 VIP Sections, Overlooking Balcony, Two Dance Floors, and Two Dance Cages, Front and Back Entrances. Our location is a prime for criminal behavior and we need to put an end to it. [www.empirelive.com] Threats, Risk Assessments and Counter Measures | | | | |THREAT |RISK |COUNTERMEASURE | | |Probability |Criticality |Total | | |Theft incl. Vehicles |5 |5 |10 |Security stationed outside monitoring| | | | | |activity. Plain clothed officers | | | | | |monitoring indoor and outdoor | | | | | |activity. | |Assault |9 |10 |19 |Plain clothed officers inside and out| | ...

Words: 1426 - Pages: 6

Premium Essay

Security Plan

...Security Plan Your Name CJS 250 Axia University of Phoenix Background This security plan is for a hotel, equipped with a mini mart and service station. The location of this establishment is off Interstate 95 in Jacksonville, Florida. Jacksonville, Florida is a popular tourist city and home of the Jacksonville Jaguars football team in which makes this a very lucrative position for this company. The hotel has two floors dedicated to 32 guest rooms. There are 15 employees, who are employed for the service station. The hotel employees 4 housekeepers, 3 managers, 4 security officers 6 clerks and 2 maintenance personnel. The total employees included in this security plan are 34 employees. Security Layout The security features in place include security cameras that are strategically placed throughout the premises, two way mirrors, parking lot lighting, security officers, door censors, smoke detectors and fire extinguishers. The security office and its’ personnel will monitor all cameras and receive the censor warnings that are placed on the entrance doors, stairways, elevator, pool and playground area. Each hotel room is equipped with a smoke detector. Both room floors are monitored with a security camera and have a fire extinguisher and first aid kit strategically placed. The elevator is equipped with a camera, smoke detector, fire extinguisher, first aid kit and a sensor. General Information. This essay includes the floor plan design for the hotel/ store, a list of......

Words: 1439 - Pages: 6

Free Essay

Security Plan

...The Security Plan The name of my target environment is Western Cash Advance. Western Cash Advance is an establishment that issues individuals payday loans. A payday loan is when someone is issued a loan until their next payday and a personal check is used as collateral. There is cash on hand in this business on a daily basis because they only issue cash to their customers as well as except only cash for payments. This store is normally run by two people but on many occasions there is only one employee in the store at a time. The basic floor plan to this business is an office space in a small strip mall that consists of three stores. The size of the store is approximately 900 sq. feet. It is one room that has a sectional desk where customers are assisted and another desk in the back of the room. The lobby consists of one big round table and six chairs that are situated around the lobby. There is a door on the back wall that leads to a hallway. In the hallway there is a bathroom and two storage closets. This business has a very basic open floor plan. When it comes to the current security features it is very limited. When going by the three models in physical security, which is the dynamic D’s, lines of defense, and internal/external threat identification, this business definitely needs some improvement (Clifford, 2004). The only security features that this establishment contains are a security alarm system, one motion detector, and one panic button. The outer perimeter has......

Words: 937 - Pages: 4