PACS 5

profileHansbke17
SecurityPlan.docx
Home>Computer Science homework help>PACS 5

Running head: SECURITY PLAN 2

Security Plan

Kenneth Hansberry

University of Maryland University College

Professor: Kendice Middleton

Date 12/02/2017

MEMORANDUM

TO: CIO

FROM:

DATE: November 28, 2017

SUBJECT: SECURITY PLAN

Due to the increased security threats and attacks that have been reported all across the world, it is necessary that the company designs a security plan. In the plan a detailed security policy will be developed to ensure that all the employees conduct their business in a secure manner. A security policy refers to a document that highlights how users should conduct themselves when using the organization's network or assets. It sets out the do’s and doesn't when using the network for information transfer (Bayuk 2012). The company requires a security policy in place to prevent network failures, intrusion or exploitation of their network. The policy will separate the network users, have a regulated access to internet sites and grant different access privileges for different users. The policy will cover the following major areas; computer acceptable use by employees and students including desktop and mobile use, password requirements such as the setting of strong passwords that cannot be easily brute forced, the email policy that includes opening and sending of company emails, browser configuration when browsing, remote access and server use, storage and backup devices and lastly an incidence response plan.

Also the security plan will identify the physical security devices that should be put in place to protect the company’s network from external attacks. These can include intrusion detection and prevention systems that will be put in place to ensure that the company receives alerts on any malicious activity or attack that takes place on the network. Also, the company will also set out a secure data transfer channel to ensure that all data in the network in encrypted and therefore cannot be of use to those who manage to illegally intercept the data. The security plan will highlight all the aspects of disaster recovery and also business continuity.

References

Bayuk, J. (2012). Cyber security policy guidebook. Hoboken, N.J: Wiley.