Assignment: Residency Case Study

Introduction

The growth and explosion of the internet has led to a global market place. Companies can sell products all over the world and never have to leave the bounds of their physically secure location. With this move to a global economy we see an increase in security threats to organizations, individuals and agencies. All these models must have an information system to process, store, and retrieve information for their internal stakeholders, customers, and external users. Information systems have inherent risks and vulnerabilities to attacks from internal users, external customers, hackers and criminals. Organizations must have a robust security program in place to meet these attacks and be proactive in their security stance.

Your group has the responsibility of creating a robust security policy that covers all the needs of the organization. The security policy identifies administrative, physical, and technical controls that must be in place to identify security risks and develop mitigation strategies to minimize the effects of these risks. You will evaluate the IT infrastructure of Solomon Enterprises and its global business model.

Organizational structure

Solomon Enterprises employees 500 people in five different locations throughout the domestic United States. Solomon Enterprises generates $200 million in annual revenue through its business model so they would be a huge target for hackers or criminals. Their business products can be purchased through an online web site. They have one central database/data center located in West Virginia and regional offices in Florida, Texas, Arizona, Montana, and Missouri. Customers, clients, and users have access via the Internet throughout the world. The company has a disaster recovery site located in Billings, Montana. Solomon Enterprises users can work remotely or within one of the regional offices. They have a VPN connection that ensures that their connection is encrypted. The central data center has a firewall and each regional office has a firewall to monitor traffic and keep unauthorized access from the facility. They have company issues devices located within the office and laptops that can be taken for remote access. All these devices are running Windows XP and their server is running Windows 2003.

Objective

The goal of your group is to develop a plan that evaluates the current security posture of the organization of the company and what controls need to be put into place to safeguard their information. You only have the brief synopsis for guidance so if something is not identified either it is not being done or they do not have enough information to provide you. Use your text as the key source when determining what security controls need to be in place for your company. Ensure that you cover each component that we have discussed within our class room videos in order to increase the security posture of your organization.

Minimum components that must be covered

1. Introduction

Introduce your organization, security posture and business model

2. Administrative controls

i.e., Backgrounding employee's/training employees/any agreements

3. Physical Controls

Physical protection of the facility

4. Technical Controls

i.e., firewall, user identification, passwords, event logs, IDPS, encryption, etc.

5. Security Policies

What security policies will need to be built into your company's overall existing security program to ensure that data is safeguarded, i.e., media destruction policy, incident response policy, acceptable use policy, etc.

6. Legislation/Regulations or industry standards

How do legislation and regulations affect and govern your company. Identify one federal legislative component and one regulation/industry standard that could impact your company. These should focus on IT security, Cyber security, etc. Graham Leach Billey Act.

7. Network Security Tools

What tools are instrumental in monitoring, detecting, and alerting your company when an someone is trying to gain unauthorized access to your organizations network. Wireshark, Nessus, Snort, etc. are good examples of tools

8. Conclusion.

Power point presentation

1. Starts promptly at 8am on Sunday. Presentations will be submitted for grading Saturday
2. Presentation will be put on thumb drives
3. All students will take part of presenting
4. 15-minute max on presentation
5. Groups will randomly present
6. Must be APA formatted
7. Bullets must be limited with information, i.e., do not put long paragraphs
8. Practice presenting, have a timer
9. 1 minute per slide
10. Putting the presentation on overhead to determine if it can be seen.
11. When you are presenting please do not talk to other team members and take away from group presentation.
12. Limit walking in front of presenting groups.

Format your assignment according to the following formatting requirements:

1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.

2. The response also includes a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.

3. Also include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.