The thrust of the Computer Security Plan

The thrust of the Computer Security Plan part of the Business Plan is to ensure that the information systems to be deployed by the company will be in line with of the strategic mission and vision of the company. In order to insure that the information technology infrastructure and resources will meet the requisite requirements of every strategic, tactical and operational plan, the company decided to start on the right footing by adapting the standards contained in the ISO/IEC 17799:2005 or specifically known as the Information Technology – Security Techniques – Code of Practice for Information Security Management. By purchasing the ISO 17799 Toolkit, the company can follow the roadmap for a more secure information systems environment, implement the policies contained in the toolkit, and eventually obtain ISO 17799 certification to add more value to the consulting business.

Specifically, the company will initially address the following areas that require immediate attention:

1.User authentication methods and policies – This will be based on Section 11.1.1 of ISO 17799 wherein, “An access control policy should be established, documented, and reviewed based on business and security requirements for access. Access control rules and rights for each user or group of users should be clearly stated in an access control policy. Access controls are both logical and physical and these should be considered together. Users and service providers should be given a clear statement of the business requirements to be met by access controls.”

2.Desktop policies – This will be based on Sections 11.3.2 Unattended user equipment and 11.3.3 Clear desk and clear screen policy wherein, “Users should ensure that unattended equipment has appropriate protection. All users should be made aware of the security requirements and procedures for protecting unattended equipment, as well as their responsibilities for implementing such protection. Users should be advised to terminate active sessions when finished, unless they can be secured by an appropriate locking mechanism, e.g. a password protected screen saver; log-off mainframe computers, servers, and office PCs when the session is finished; secure PCs or terminals from unauthorized use by a key lock or an equivalent control. A clear desk policy for papers and removable storage media and a clear screen policy for information processing facilities should be adopted.”

3.Remote user authentication methods and policies – This will be based on Section 11.4.2 User authentication for external users of ISO 17799 wherein, “Appropriate authentication methods should be used to control access by remote users. Authentication of remote users can be achieved using, for example, a cryptographic based technique, hardware tokens, or a challenge/response protocol. Possible implementations of such techniques can be found in various virtual private network (VPN) solutions. Dedicated private lines can also be used to provide assurance of the source of connections. Dial-back procedures and controls, e.g. using dial-back modems, can provide protection against unauthorized and unwanted connections to an organization’s information processing facilities. This type of control authenticates users trying to establish a connection to an organization’s network from remote locations.”

4.Password policy – This will be based on Section 11.3.1 Password use of ISO 17799 wherein, “Users should be required to follow good security practices in the selection and use of passwords. All users should be advised to keep passwords confidential; avoid keeping a paper or software record of passwords, unless this can be stored securely and the method of storing has been approved; change passwords whenever there is any indication of possible system or password compromise; select quality passwords with sufficient minimum length which are easy to remember; not based on anything somebody else could easily guess or obtain using person related information; not vulnerable to dictionary attacks; free of consecutive identical, all-numeric or all-alphabetic characters; change passwords at regular intervals or based on the number of accesses, and avoid re-using or cycling old passwords; change temporary passwords at the first log-on; not include passwords in any automated log-on process, not use the same password for business and non-business purposes.”

5.Communication process for email, secure file exchange via email – This will be based on Section 10.1.1 Documented operating procedures of ISO 17799 wherein, “Operating procedures should be documented, maintained, and made available to all users who need them. Documented procedures should be prepared for system activities associated with information processing and communication facilities, such as computer start-up and close-down procedures, backup, equipment maintenance, media handling, computer room and mail handling management, and safety. Operating procedures, and the documented procedures for system activities, should be treated as formal documents and changes authorized by management. Where technically feasible, information systems should be managed consistently, using the same procedures, tools, and utilities.”

To further manage the information technology infrastructure and resources, the plan calls for the adoption of the “best-of-breed” approach by way of making certain that the building blocks of information security (Shaurette 2002) are fully exploited. These building blocks include the optimum use of security policies, authentication, access control, anti-virus/content filtering systems, virtual private networking (VPN)/encryption methodologies, vulnerability services consulting, intrusion protection system, and public key infrastructure (PKI)/certification authorities (CA)/digital signatures systems. This is considered to be the first step towards finding a technique for modeling and evaluating the security of a system (Stjerneby 2002).

Calculate the price
Make an order in advance and get the best price
Pages (550 words)
$0.00
*Price with a welcome 15% discount applied.
Pro tip: If you want to save more money and pay the lowest price, you need to set a more extended deadline.
We know how difficult it is to be a student these days. That's why our prices are one of the most affordable on the market, and there are no hidden fees.

Instead, we offer bonuses, discounts, and free services to make your experience outstanding.
How it works
Receive a 100% original paper that will pass Turnitin from a top essay writing service
step 1
Upload your instructions
Fill out the order form and provide paper details. You can even attach screenshots or add additional instructions later. If something is not clear or missing, the writer will contact you for clarification.
Pro service tips
How to get the most out of your experience with MyStudyWriters
One writer throughout the entire course
If you like the writer, you can hire them again. Just copy & paste their ID on the order form ("Preferred Writer's ID" field). This way, your vocabulary will be uniform, and the writer will be aware of your needs.
The same paper from different writers
You can order essay or any other work from two different writers to choose the best one or give another version to a friend. This can be done through the add-on "Same paper from another writer."
Copy of sources used by the writer
Our college essay writers work with ScienceDirect and other databases. They can send you articles or materials used in PDF or through screenshots. Just tick the "Copy of sources" field on the order form.
Testimonials
See why 20k+ students have chosen us as their sole writing assistance provider
Check out the latest reviews and opinions submitted by real customers worldwide and make an informed decision.
Business and administrative studies
excellent job! got an A, thank you
Customer 452773, May 24th, 2023
Business and administrative studies
excellent work
Customer 452773, March 12th, 2023
Management
Thank you!!! I received my order in record timing.
Customer 452551, February 9th, 2021
Business and administrative studies
perfect
Customer 452773, February 23rd, 2023
History
Don't really see any of sources I provided, but elsewise its great, thank you!
Customer 452697, May 8th, 2021
Business and administrative studies
Thank you
Customer 452773, March 19th, 2023
FIN571
excellent
Customer 452773, March 15th, 2024
Managerial Accounting & Legal Aspects of Business ACC/543
excellent work
Customer 452773, February 7th, 2024
Human Resources Management (HRM)
excellent work
Customer 452773, July 3rd, 2023
business
Great job
Customer 452773, February 13th, 2023
Criminal Justice
This has been the greatest help while I am recovering from an illness. Thank your team so much.
Customer 452671, May 2nd, 2021
Business and administrative studies
excellent work
Customer 452773, March 9th, 2023
11,595
Customer reviews in total
96%
Current satisfaction rate
3 pages
Average paper length
37%
Customers referred by a friend
OUR GIFT TO YOU
15% OFF your first order
Use a coupon FIRST15 and enjoy expert help with any task at the most affordable price.
Claim my 15% OFF Order in Chat
Close

Sometimes it is hard to do all the work on your own

Let us help you get a good grade on your paper. Get professional help and free up your time for more important courses. Let us handle your;

  • Dissertations and Thesis
  • Essays
  • All Assignments

  • Research papers
  • Terms Papers
  • Online Classes
Live ChatWhatsApp