Security Policy IT Security Policy Term Paper

Total Length: 1080 words (4 double-spaced pages)

Total Sources: 4


Organizational security strategies must be designed for agility and speed through the use of state-of-the-art systems that can quickly be reconfigured to match changing roles in an organization. Organizational security will be defined through role-based access, configurable through authenticated, clearly delineated processes that can be administered at the administrator level (Hone, Eloff, 2002).

The organizational security strategy will also be designed on the empirically validated Confidentiality, Integrity and Availability (CIA) triad model, which successfully balances the need for data accuracy, security and access. Metrics and analytics will also be used for tracking the effectiveness of this strategy, as CIA-based implementations can be quantified from a reconciliation network performance standpoint (Gymnopoulos, Tsoumas, Soupionis, et al., 2005).

Access Control and Cryptography Security

The IT security policy will require the use of a proxy server-based approach to defining access control, authentication and cryptography. As there are a myriad of new technologies being released in this area, it is imperative that a Certificate Server-based authentication workflow be designed to ensure the goals of the organization can be achieved while information assets and systems are protected (Cisco Tutorial, 2013). Figure 2 illustrates the recommended configuration for the authentication and cryptography server (Hegyi, Maliosz, Ladanyi, Cinkler, 2005).

Figure 2: Using a Certificate Server for a Secured Network

Sources: (Cisco Tutorial, 2013) (Hegyi, Maliosz, Ladanyi, Cinkler, 2005) (Opus One, 2013)

Laws and Regulatory Compliance

As the organization is a publicly traded entity with operations globally, reporting requirements include compliance with the Sarbanes-Oxley Act (SOX), which has specific data access, retrieval and reporting requirements, including the electronic reporting of material events. Reporting material events, creating and keeping audit logs up to date, and ensuring that continually created and reported financial data is secured to SOX levels of compliance (Lee, Wong, Kim, 2012) are core requirements of this IT security plan. In addition, it is a requirement of this plan that all security system logs and activity be stored in 256-bit encrypted files and systems that are consistent with certification server requirements. Laws and regulatory compliance standards will be defined by the CIO and IT security operating committee, with dashboards and periodic reporting requirements also completed to ensure the organization meets and exceeds federal, state and local reporting requirements. The use of dashboards and advanced reporting systems is a critical success factor in the managing of IT security policies to strategically-driven goals and objectives (Lee, Wong,.....


Cite This Resource:

Latest APA Format (6th edition)

"Security Policy IT Security Policy" (2013, June 20) Retrieved May 9, 2024, from
https://www.aceyourpaper.com/essays/security-policy-security-policy-92270
