Nt2580 Unit 1 Research Paper
Unit 1 Assignment 2 | Impact of a Data Classification Standard | | NT2580 Information Security | | Fernando Gomez Cabral | 3/24/2013 | |
In regards to the Internal Use Only data classification field, there are different IT infrastructure domains that can be affected. After researching I have decided that these are at the top of that list: the User Domain, the Workstation Domain, and the LAN Domain. I will identify each domains weaknesses individually. The User Domain is the most important because the user can easily create a problem within the network, therefore can be considered the weakest link. The user domain defines the people who access an organizations network and IT infrastructure. In the user domain you will find an acceptable use policy, also known as an AUP. An AUP defines what a user can and cannot do within the organization. Some of the don’ts include but are not limited to malicious emails to and from other co-workers, breaking security policies by entering co-workers workstations, inappropriate web browsing that can lead to viruses, as well as uploading and downloading music, …show more content…
videos, and pictures off the internet. The user can also go as far as stealing important data from the company through USB flash drives, as well as inserting viruses the through these devices. It would be a good idea to monitor any problem or disgruntled employees and any strange activity on the network. The Workstation Domain is of course where users connect to the company’s network.
This can be through a desktop, company laptops, tablets, or any device that connects to the network. Employees should always remember to log off their workstations to avoid unauthorized use as well as not giving out their passwords to co-workers. A good idea is to enable the screen lockout when the desktop is idle. Also block or limit user rights to download, install software, and their access to certain files on the web. This can decrease the threat of viruses, malware, and any harmful files being seen, downloaded, and installed into the system through the workstation. It is very easy for threats to spread throughout the network so it is very important to have a top shelf Anti-virus in place and enable it to scan any CD, DVD, or USB drives inserted into the
workstation. The Local Area Network or (LAN) is a collection of computers that are connected to one another or to a common connection medium. It is very important that it has strong security and access controls. It can access company-wide systems, applications, and confidential data. Any unauthorized access can compromise the integrity of the infrastructure. The LAN Domain can also consist of data closets and server rooms. It is very important to keep these areas off limits, locked, and secure to reduce the threat of unauthorized access. Also, ensure that a strict access control policy and standards are in place and enforced.
Sources:
Kim, David, and Michael Solomon. "Fundamentals of Information Systems Security.Jones & Bartlett Learning, http://www.datasecuritypolicies.com/data-classification-policy-template/. http://www.yourwindow.to/information-security/gl_dataclassification.htm.
In regards to the Internal Use Only data classification field, there are different IT infrastructure domains that can be affected. After researching I have decided that these are at the top of that list: the User Domain, the Workstation Domain, and the LAN Domain. I will identify each domains weaknesses individually. The User Domain is the most important because the user can easily create a problem within the network, therefore can be considered the weakest link. The user domain defines the people who access an organizations network and IT infrastructure. In the user domain you will find an acceptable use policy, also known as an AUP. An AUP defines what a user can and cannot do within the organization. Some of the don’ts include but are not limited to malicious emails to and from other co-workers, breaking security policies by entering co-workers workstations, inappropriate web browsing that can lead to viruses, as well as uploading and downloading music, …show more content…
videos, and pictures off the internet. The user can also go as far as stealing important data from the company through USB flash drives, as well as inserting viruses the through these devices. It would be a good idea to monitor any problem or disgruntled employees and any strange activity on the network. The Workstation Domain is of course where users connect to the company’s network.
This can be through a desktop, company laptops, tablets, or any device that connects to the network. Employees should always remember to log off their workstations to avoid unauthorized use as well as not giving out their passwords to co-workers. A good idea is to enable the screen lockout when the desktop is idle. Also block or limit user rights to download, install software, and their access to certain files on the web. This can decrease the threat of viruses, malware, and any harmful files being seen, downloaded, and installed into the system through the workstation. It is very easy for threats to spread throughout the network so it is very important to have a top shelf Anti-virus in place and enable it to scan any CD, DVD, or USB drives inserted into the
workstation. The Local Area Network or (LAN) is a collection of computers that are connected to one another or to a common connection medium. It is very important that it has strong security and access controls. It can access company-wide systems, applications, and confidential data. Any unauthorized access can compromise the integrity of the infrastructure. The LAN Domain can also consist of data closets and server rooms. It is very important to keep these areas off limits, locked, and secure to reduce the threat of unauthorized access. Also, ensure that a strict access control policy and standards are in place and enforced.
Sources:
Kim, David, and Michael Solomon. "Fundamentals of Information Systems Security.Jones & Bartlett Learning, http://www.datasecuritypolicies.com/data-classification-policy-template/. http://www.yourwindow.to/information-security/gl_dataclassification.htm.