Wireless Security Policy Paper
Week 8 Wireless Security Polices for Banking
Robert Cole Smith
Dr. E. Otto
Cis 513
11/27/2014
Write a four to six (4-6) page wireless security policy for a medium-sized banking organization using the following structure
Wireless Security Policy Overview A wireless policy for a medium-sized banking organization will need to deploy a wireless LAN to the network and there will not need to be onsite IT staff as that can be outsourced to various vendors and business specializing in such. The remote access can be manage by a standalone intelligent access point which will integrated the wireless LAN by streamline the configuration and management the system. The Network infrastructure that will be in use will integrate …show more content…
Program policies: addresses overall IT security goals and it should apply to all IT resources within an institution. The institution’s president or an appointed representative must direct policy development to ensure that the policies address the IT security goals of all systems operating within the institution. For instance, program policies can address confidentiality or service availability. All program policies should meet the following criteria: Comply with existing laws, regulations, and state and federal policies. Support and enforce the institution’s mission statement and organizational structure. The components of an adequate program policy are defined as System-specific policies: addresses the IT security issues and goals of a particular system. Large facilities may have multiple sets of system-specific policies that address all levels of security from the very general to the particular (system permissions that reflect the segregation of duties among a group of employees). Issue-specific polices will address particular IT security issues such as, Internet access, installation of unauthorized software or equipment, and sending/receiving e-mail attachments. Complying with regulations such as: The Health Insurance Portability and Accounting Act, The Gramm-Leach-Bliley Act , The Sarbanes-Oxley Act , and Massachusetts 201 CMR 17.00, …show more content…
Financial institutions should actively monitor and notify security alert organizations for notices related to their wireless application services. Banks should also consider divulging informationto customers when wireless Internet devices that require the use of communications protocols deemed insecure will no longer be supported by the institution. The financial institution should consider having regular independent security testing performed on its wireless customer access application. Specific testing goals would include the verification of appropriate security settings, the effectiveness of the wireless application security implementation and conformity to the institution 's stated standards. The security testing should be performed by an organization that is technically qualified to perform wireless testing and demonstrates appropriate ethical
Robert Cole Smith
Dr. E. Otto
Cis 513
11/27/2014
Write a four to six (4-6) page wireless security policy for a medium-sized banking organization using the following structure
Wireless Security Policy Overview A wireless policy for a medium-sized banking organization will need to deploy a wireless LAN to the network and there will not need to be onsite IT staff as that can be outsourced to various vendors and business specializing in such. The remote access can be manage by a standalone intelligent access point which will integrated the wireless LAN by streamline the configuration and management the system. The Network infrastructure that will be in use will integrate …show more content…
Program policies: addresses overall IT security goals and it should apply to all IT resources within an institution. The institution’s president or an appointed representative must direct policy development to ensure that the policies address the IT security goals of all systems operating within the institution. For instance, program policies can address confidentiality or service availability. All program policies should meet the following criteria: Comply with existing laws, regulations, and state and federal policies. Support and enforce the institution’s mission statement and organizational structure. The components of an adequate program policy are defined as System-specific policies: addresses the IT security issues and goals of a particular system. Large facilities may have multiple sets of system-specific policies that address all levels of security from the very general to the particular (system permissions that reflect the segregation of duties among a group of employees). Issue-specific polices will address particular IT security issues such as, Internet access, installation of unauthorized software or equipment, and sending/receiving e-mail attachments. Complying with regulations such as: The Health Insurance Portability and Accounting Act, The Gramm-Leach-Bliley Act , The Sarbanes-Oxley Act , and Massachusetts 201 CMR 17.00, …show more content…
Financial institutions should actively monitor and notify security alert organizations for notices related to their wireless application services. Banks should also consider divulging informationto customers when wireless Internet devices that require the use of communications protocols deemed insecure will no longer be supported by the institution. The financial institution should consider having regular independent security testing performed on its wireless customer access application. Specific testing goals would include the verification of appropriate security settings, the effectiveness of the wireless application security implementation and conformity to the institution 's stated standards. The security testing should be performed by an organization that is technically qualified to perform wireless testing and demonstrates appropriate ethical