Implementation of a Data Classification Policy
Risk Assessment
One of the first steps in implementing an effective security plan is to periodically assess organizational risks. Identifying and mitigating risk helps in establishing a security management structure and assigning security responsibilities. Without an understanding of your risk, you cannot determine the proper security policies, procedures, guidelines, and standards to put in place to ensure adequate security controls are implemented. The risk assessment provides a baseline for implementing security plans to protect assets against threats. Within the risk assessment, some basic questions must be answered: What assets within the organization need protection? What are the risks to each of these assets? How much time, effort, and money is the organization willing to spend to upgrade existing protection or obtain new, adequate protection against these threats?
Developing an Effective Organization-wide Access Control Plan
Because the management of security groups, ACLs, and security settings needs to be carefully planned, creating an access control plan can assist in preventing standard security problems from occurring. The standard security problems to prevent are: inefficiently protecting network resources; assigning users too many rights and permissions, or too few rights and permissions to perform their daily tasks; and continuously performing ad hoc security configurations to correct security settings. The access control plan will include: Security strategies: This component will outline general security strategies that deal with all possible threats identified as security risks. Permissions will be given to different users according to their position in the organization, and security groups should be defined so permissions can be implemented effectively. Security policies: Will determine the configuration settings implemented for the Security Settings of