Kirk Patrick Samuda, Kirk Samuda, Information Security and Roles
Using Roles Paper
Kirk Samuda
CMGT/545
August, 2009
Professor Juan Van
McBride Financial Services in its effort to control data access must emphasize on the need for all networking administrators to carefully restrict employee’s data access privilege, based on the role each employee is assigned within the organization. It is essential for the company to outline in its Business Requirement Document (BRD) the need for each employee to be assigned specific separating duties, and that a Networking Requirements Document (NRD) is used to capture and define the names, department, privileges and roles to be assigned to each employee (user). Paramount to the implementation of this process is the design and planning phase of a network infrastructure that will include the setting up of an IP Addressing Scheme, and the application of IP addresses to the network interfaces. McBride Financial Services must initiate the creation of Organizational Units via the Network Requirements Documents, an active directory structure that assigns users to network components while conforming to a logical schema that organizes directory objects while managing shared resources and network accounts. This procedure is essential to the separating of duties within the company, and imperative to the type of access users are granted within a restrictive domain. If users’ access to data is dependent on the role they play within the organization, it may be necessary to consider a domain forest, especially in a company with different locations, for the preservation of effective security that is designed around domain trees that share a contiguous namespace. The I.T Department during the initial network design phase must consider the use of subnets assigned specific IP addresses and network mask, for the primary purpose of confining users to specific directories and resources within the network. This procedure is useful in ensuring that users only have access to the folders and
Kirk Samuda
CMGT/545
August, 2009
Professor Juan Van
McBride Financial Services in its effort to control data access must emphasize on the need for all networking administrators to carefully restrict employee’s data access privilege, based on the role each employee is assigned within the organization. It is essential for the company to outline in its Business Requirement Document (BRD) the need for each employee to be assigned specific separating duties, and that a Networking Requirements Document (NRD) is used to capture and define the names, department, privileges and roles to be assigned to each employee (user). Paramount to the implementation of this process is the design and planning phase of a network infrastructure that will include the setting up of an IP Addressing Scheme, and the application of IP addresses to the network interfaces. McBride Financial Services must initiate the creation of Organizational Units via the Network Requirements Documents, an active directory structure that assigns users to network components while conforming to a logical schema that organizes directory objects while managing shared resources and network accounts. This procedure is essential to the separating of duties within the company, and imperative to the type of access users are granted within a restrictive domain. If users’ access to data is dependent on the role they play within the organization, it may be necessary to consider a domain forest, especially in a company with different locations, for the preservation of effective security that is designed around domain trees that share a contiguous namespace. The I.T Department during the initial network design phase must consider the use of subnets assigned specific IP addresses and network mask, for the primary purpose of confining users to specific directories and resources within the network. This procedure is useful in ensuring that users only have access to the folders and