Preview

9-Iron Country Club Case Study

Satisfactory Essays
Open Document
Open Document
449 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
9-Iron Country Club Case Study
Scope
Design a remote access solution for the 9-Iron Country Club. This report includes the following considerations:
Needs and desires of customers and club members – available services, time availability, and network design
Risk management or assessment – protection of confidential and personally identifiable Information (PII)
Data classification and security requirements – what measures will be implemented to protect the three states of data
The nature of telework and remote access technologies – permitting access to protected resources from external networks and often external hosts as well, generally places them at higher risk than similar technologies only accessed from inside the organization, as well as increasing the risk to the internal
…show more content…

Risk Management or Assessment/Major Security Concerns
Lack of Physical Security Controls – primary mitigation strategies are encrypting the client device’s storage or not storing sensitive data on the client device
Unsecured Networks – Risk from using unsecured networks can be mitigated but not eliminated. Us encryption technologies to protect the confidentiality and integrity of communications, as well as using mutual authentication mechanisms to verify the identities of both endpoints
Infected Devices on Internal Networks – Use appropriate anti-malware technologies; network access control (NAC), possible use of a separate network for telework client devices
External Access to Internal Resources – Servers made available through external access should be appropriately hardened against external threats and access to the resources are limited to the minimum necessary firewalling and access control mechanisms (Scarfone, 2009).
Data Classification and Security Requirements
Encrypting Data at Rest – encrypt all sensitive data when it is at rest on the device and on removable media used by the device. Employ storage encryption


You May Also Find These Documents Helpful

  • Good Essays

    It is the responsibility of Remote Users to make sure that reasonable measures have been taken to secure the Remote Host used to access Richman IT Resources. This standard applies to all Remote Users of Richman IT Resources including staff, outside contractors, vendors, and other agents. Remote Access Security Standards All Remote Users must follow the security requirements set forth in this standard for any Remote Host accessing IT Resources prior to such access, as well as any guidelines, procedures, or other requirements issued by their departmental IT units and the owners of the IT Resource which are to be remotely accessed. Remote User responsibilities are described below: Remote User Requirements: Remote Users must make sure that their Remote Hosts used to access Richman IT Resources meet all security expectations specified in the End User Guidelines Security prior to accessing any Richman IT…

    • 438 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    Data Classification Standards help Richman Investments to consistently define how this organization should handle and secure our various types of data. This report will focus on the internal use only data and how each of these domains are affected by these standards. Internal use only data refers to information that may or may not be confidential. It is imperative that our organization keep this information in house and away from the public and realize the Domains that need to be addresses with these rigid standards. The three standards that are at the top of the list for our company that will be directly affected are the User, Work Station, and LAN Domains.…

    • 789 Words
    • 4 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Goo Spillane Summary

    • 125 Words
    • 1 Page

    Emilio Aguinaldo also released some American prisoners so they could tell their own stories. In a Boston Globe article entitled "With the Goo Goo's" Paul Spillane described his fair treatment as a prisoner. Emilio Aguinaldo had even invited American prisoners to the naming of his baby and had given each a present of four dollars, Spillane (remembered and retold).…

    • 125 Words
    • 1 Page
    Satisfactory Essays
  • Good Essays

    Assignment 4 Nt2580

    • 485 Words
    • 2 Pages

    1. Will be the responsibility of Richman Investments employees, affiliates, vendors and agents with remote access privileges to Richman Investment's corporate network to ensure that their remote access connection is given the same consideration as the user's on-site connection to Richman Investment.…

    • 485 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    The data classification policy is intended to provide a framework for classifying a company’s data based on its level of sensitivity. Data classification entails analyzing the data an organization retains, determining its importance and value, and then assigning it to a category. Data is classified to help determine baselines for security controls in that will be implemented to protect the data.…

    • 288 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    NT 2580 Project Part 2

    • 2096 Words
    • 9 Pages

    Issue two. Based on the premise that most of the managers have BlackBerry devices for instant communications and all employees are provided cell phones, you must research and detail the cryptography methods to protect organizational information using techniques that ensure its integrity, confidentiality, authenticity, and non-repudiation, and the recovery of encrypted information in its original form.…

    • 2096 Words
    • 9 Pages
    Powerful Essays
  • Satisfactory Essays

    Unit 3 Assignment 3

    • 288 Words
    • 1 Page

    Data classification policy is important for securing data from risks, which includes unauthorized users, modification, disclosure, access, use, and removal. This is to ensure protection on data assets from unauthorized users. Data must be maintained in a secure, accurate and reliable manner and be available for authorized use. In order to implement security measures, the data must be classified into categories like; confidential, restricted, and public. Confidential and restricted will be required some sort of access mechanism to authenticate anyone who wants to access any classified documents. In order to construct a Classification policy, one must know what type of data are available, where they are located, what type of access levels are implemented and what protection level is implemented and does it adhere to compliance regulations.…

    • 288 Words
    • 1 Page
    Satisfactory Essays
  • Good Essays

    operations in organisations and business environments. Security threats on the remote machines can always be averted easily and their impacts are not as serious compared to threats on the central computer system (Kaufman et al, 2002).The central computer system is a valuable resource that must be secured to ensure continued operation in the organisation. Securing a central computer network is the key to ensuring network security in any institution (Kaeo, 1999).…

    • 349 Words
    • 2 Pages
    Good Essays
  • Good Essays

    The data must be kept secure against unlawful or unauthorised processing, accidental loss or erasure.…

    • 1120 Words
    • 5 Pages
    Good Essays
  • Good Essays

    1)Data protection: Ensure all information is stored in a secure place and no information is given out if unsure.…

    • 1527 Words
    • 7 Pages
    Good Essays
  • Good Essays

    1. Everyone has the right to respect for his private and family life, his home and his correspondence.…

    • 559 Words
    • 3 Pages
    Good Essays
  • Better Essays

    Almost everyone now days has some computer device on them almost all the time, people are always checking social media through smartphones or performing some online activity. The online infrastructure has endpoints; these endpoints transmit data. Businesses use many technologies to assist them in providing certain personal information that needs to be protected. For example, law enforcement uses computer devices to search for information on a suspect. There are other technologies such as monitoring devices from hospitals that allow real-time feedback of the patient's vitals. Many individuals use laptops or smartphones to access his or her online banking account to transfer, withdraw, or deposit money. All of the information that is gathered and stored online becomes vulnerable, and if…

    • 780 Words
    • 3 Pages
    Better Essays
  • Good Essays

    TDA 2.3 (3.3, 3.4)

    • 1799 Words
    • 6 Pages

    Information and Communication Support Officer, (2004) Plymouth City Council. Retrieved October 18 2013 from http://www.plymouth.gov.uk/freedom_of_information_what_schools_need_to_know.pdf…

    • 1799 Words
    • 6 Pages
    Good Essays
  • Satisfactory Essays

    As The Organization

    • 338 Words
    • 2 Pages

    Proper management of user accounts will ensure the information and access to devices on the network confidential.…

    • 338 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    Level 3 Teaching Assistant

    • 1040 Words
    • 5 Pages

    Personal data- This includes names and addresses, medical or health records, dates of birth, etc. It needs to be kept secure.…

    • 1040 Words
    • 5 Pages
    Powerful Essays