Information Security

Group Work (135 points) - This is an group assignment. My part of the assignment is the highlighted and underlined portion in the assignment details below called Social Engineering Safeguards. My part should only be 2-3 pages. 

Ignore the 7-10 pages portion of instructions. That's what we will turn in as a group. 

Assignment Details:

Your group is working for a global organization that handles highly classified intellectual property. In many situations and scenarios, the implementation and operations teams have been creating and setting up environments that violate your vision for security. After discussing the situation with various parties, they all admit they do not fully know or understand what is expected from them as they set up and configure the environment. To solve this situation, your group has been asked to create a network security policy for the organization. 

Each group member will choose an element of the policy to design and the group will collaborate on what the overall design and outline should look like and include components from end user behavior and training plan, file and folder access, social engineering safeguards, bring your own device policies, use of external drives on company assets, security hardware, penetration testing, and affiliation of the information security department with law enforcement agencies. Students may either interview someone in the local FBI field office or research the FBI and DHS Web sites related to information sharing programs that the government offers, as this could be advantageous to the organization’s information security program.

• To keep the scope narrow, your group should first describe what should be included and what should not be included in the policy (remember that a policy should clearly set management's expectations).  
• After the scope has been defined, research the various components, and create an appropriate policy. 

Prepare a Word document of 7-10 pages (excluding title page, abstract and references page) that includes the network security policy for an organization that addresses all of the stated design requirements. It should be in APA format, including an introduction and conclusion.