StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Organization Security Plan - Outline Example

Cite this document
Summary
The writer of the paper “Organization Security Plan” states that Unless the department of defence understands different aspects of computer and its applicability, the department may find it a challenge in applying computer and its related technology in its security system.
 …
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER96.2% of users find it useful
Organization Security Plan
Read Text Preview

Extract of sample "Organization Security Plan"

Organization Security Plan Security Policy Framework for the Engineers Aspects of Computer Application Literacy All Members ofthe department of defense must understand the security planning guidelines from the engineering task and from Microsoft for the preparation of the security plan. The department as a whole must be reasonably literate in every technical aspect in order to consider computers as their best security tool. Applying Computer technology as a security tool Unless the department of defense understands different aspects of computer and its applicability, the department may find it a challenge in applying computer and its related technology in its security system. The Departments Network Systems Computing System within the defense department Different department within the defense system have different roles hence different computer aspects will be applied to these different departments within the major defense system. Nonetheless, each office should have a computer with restricted use: i. Desktops: each member of staff has a desktop and a machine that acts as a print server ii. Printers: there are two; one printer fax combo and a high end plotter for general use. Order of Command and Information Sharing Information from lower officers can be accessed in the senior offices when such need arises while information from higher offices and authorities can NEVER be accessed in the lover officer. iii. Servers: there is one server that runs other small servers looking after the internet connection, files, Emails and other security database. iv. Laptop Computers: all directors have a laptop which, are used for storing all security and weapon information for their respective department. v. Internet Connection: there is a 2 mbps cable modem connection The Sever and other computers in the department are linked by certain internet cables while the remainders are connected by an 800.11 g wireless network with an access port. All machines, laptops and other computers run windows XP Professional (Erbschloe, 2005). Data Security Installation of System’s Antivirus After comparing each computer against a check list in a security guide for the department, it is identified that, virus protection was missing on six computers, antivirus was not updated for three computers, many user complained about spam while no protection was in place. Restricting the use of Passwords A random sampling found that many people did not use passwords (International Maritime Organization, 2011). None of the computers were password protected. The department had the insurance people the previous year; thus, the department had ensured a good quality on all doors, alarms and window locks. However, no computer had a serial number etched on the case while the department did not also have a log of the serial numbers. The department faces the risk of email and password cracking by intruders who want to access the weapon information (Vellani, 2007); hence, the use of passwords must be ensured. Security Plan Assessing the Underlying Risks It is vital to assess the underlying risks in the adoption and application of the computer technology within the department of defense. Solutions to the Risks and rolling the Project Upon the assessment of the associated risks and determining specific and serious risks; it is appropriate to provide lasting solution within the intended project. Project’s Efficiency and Effectiveness Software Installations The following software must be installed for the applicability and usage of the computer technology within the defense department for effective information sharing. Install Windows Firewall on the main server and on all computers Install the antivirus software every computer and laptops and enable an automatic update of the antivirus. Organize computers running Office Outlook 2003 which uses an E-mail filtering and installing a spam filtering software on all email servers. Updating the System To ensure effective and efficient application of computer technology within the department of defense, the following must be undertaken: Review all machines to ensure that they are fully updated. The machines should also be set to automatically refresh the updates. Protect information relating to purchase of weapons from unintentional or any unauthorized modification. Ensuring that weapons or arsenals used by the military are listed in documents that are kept secret and accessed only by specific persons accredited by the department. The trusted people with such information should be protected and their moves monitored to prevent sharing of important information with other people. Continuous updates on passwords considering the development of technologies and tools for circumventing previously set security measures. Restore procedure sand review backup. This would ensure that user data is stored on the server or even copied across regularly before reviewing the backups. Daily backups should be implemented and ensuring that a full backup is password protected and encrypted (Hunsicker, 2008). Administrative Actions on the Computer Technology Applications Highlighting Policy Changes to the Management The head of department will update the staff handbook on the new policies including: i. Use of passwords that are regularly updated ii. Satisfactory use of the internet and email iii. Who takes company properties away from the office Management Review the Policy Changes with the Company Attorney After completing the first draft, the directors shall review it together with the company attorney general before rolling it out. This is to ensure that every security and logistic systems applications within the intended computer technology adoption and applications are within the ordinary company policy and management systems. Educating the Users of the Application of the Computer Technology Advantages of Adopting Computer Technology It is worth noting that in most cases, the employees are usually resistive to organization changes; hence, it is vital that they are educated on the significant aspects and advantages of adopting and applying new information or computer technology within the management systems. When other staffs especially junior staffs understand and embrace the intended new information/computer technology, the application of the same will easy and simple. Hence, educating on the advantage of adopting and applying the same is vital. Educating the Staff on the use of different aspect of the intended changes The staff should be introduced to general and specific aspect of the intended change and practical applications. The training should cover areas including: i. Passwords ii. The security importance iii. The prevention of virus iv. Ensuring safe internet browsing v. Updating software and safe operation of systems from a server vi. Introducing the newly enhanced staff policies vii. Identification of means through which attacks penetrate computer systems and cause damages to data. Project Implementation Adware and Software Installation The contracted firm conducts installation in different offices including internet connectivity. Practical Training of the staff on the Application The department expects to give two hours of user training in groups as result of the changes. The training should cover areas including: a. Passwords b. The security importance c. The prevention of virus d. Ensuring safe internet browsing e. Updating software and safe operation of systems from a server f. Introducing the newly enhanced staff policies g. Identification of means through which attacks penetrate computer systems and cause damages to data. Success or Failure Analysis of the Project (Monitoring and Evaluation) Effectiveness and Effectiveness of the Installed Physical and Software The security managers should assess physical, data, as well as all network threats that result from faults in any security system. Departmental Reports on the Effectiveness and Effectiveness of the Change All members of the departments have the responsibility to ensure minimized exploitable weaknesses and vulnerability in all computer assets. Problems related to attacks and their causes will be listed and filed in backup folders or paper files for future references. These Measures will be put in place through board discussions or through a consultation with computer security experts on the steps needed for maintaining high security levels in future (Talbot and Jakeman, 2013). Resources and Budget Installation and Training Resources The approved expenditure is on; a. Purchasing antivirus software b. Installation of software c. Purchasing the security locks and renewing none descript laptop computer bags. d. Checking into an additional backup media Maintenance Resources These include expenditure for purchasing software antivirus and conducting different software updates. The maintenance resources must be factored since without which the effectiveness and efficiency of numerous software may be jeopardized. References Erbschloe, M. (2005). Physical security for IT. Amsterdam: Elsevier Digital Press. Hunsicker, A. (2008). The fine art of executive protection: Handbook for the executive protection officer. Boca Raton, Fla: Universal Pulishers. Talbot, J., & Jakeman, M. (2013). Security risk management body of knowledge. Hoboken, N.J: Wiley. Vellani, K. H. (2007). Strategic security management: A risk assessment guide for decision makers. Burlington, MA: Butterworth-Heinemann. International Maritime Organization. (2011). Company security officer. London: International Maritime Organization. Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(Organization Security Plan Outline Example | Topics and Well Written Essays - 1250 words, n.d.)
Organization Security Plan Outline Example | Topics and Well Written Essays - 1250 words. https://studentshare.org/information-technology/1833928-organization-security-plan
(Organization Security Plan Outline Example | Topics and Well Written Essays - 1250 Words)
Organization Security Plan Outline Example | Topics and Well Written Essays - 1250 Words. https://studentshare.org/information-technology/1833928-organization-security-plan.
“Organization Security Plan Outline Example | Topics and Well Written Essays - 1250 Words”. https://studentshare.org/information-technology/1833928-organization-security-plan.
  • Cited: 0 times

CHECK THESE SAMPLES OF Organization Security Plan

Security Risk Management in the UK

Equal threats are created by a volatile financial industry can affect any organization that failed to plan jeopardising the right to decent life and property of its corporate people, including pecuniary losses with respect to its stakeholders.... There is an old saying “when you dont plan for failure, you are planning to fail”.... Nevertheless, no organization has the resources to plan and deploy an infrastructure to cover all possible permutations of threats....
13 Pages (3250 words) Essay

Organizational Security Plan at Exxon Mobil Security

The author uses the concepts of organizational behavior and management are in designing an organizational security plan at Exxon Mobil Security.... In this regard, the concepts of organizational behavior and management are used in designing an organizational security plan at Exxon Mobil Security.... The successful implementation of organizational strategy at Exxon Mobil requires that executives shape to the peculiar needs of the strategy the formal structure of the organization, its informal relationships, and the processes of motivation and control which provide incentives and measure results....
10 Pages (2500 words) Term Paper

The Development of Security Domains

The paper 'The Development of security Domains' presents the rate of internet access which has augmented at a significant pace in the global context.... hellip; In the present modern era 'Information security Management', has been one of the most crucial factors with the help of which organizations can ensure their efficiency and effectiveness.... As an effect, 'Information security Management' has been applied by SMEs for managing data for decades (Dhillon & Torkzadeh, 2006; Whitman, 2004)....
17 Pages (4250 words) Term Paper

Compilation of Security Data Issues

The paper 'Compilation of security Data Issues' focuses on data security issues.... The paper is a compilation of ten security data issues.... Data security means safeguarding data, like a database, from disparaging forces, and from the undesired actions of unauthorized personnel.... hellip; The author states that unauthorized access to data is one of the data security issues affecting businesses.... Most organizations and businesses implement numerous forms of security by enforcing hardware remedies such as firewalls and routers....
12 Pages (3000 words) Report

Organizational Security Plan

In the paper “Organizational security plan” the author looks at the proliferation of industrial espionage as well as the growth of terrorist networks across the globe.... A security plan is made up of procedures, strategies, policies, controls, and protocols that an organization uses to prevent security risks.... The security plan is used to reduce the level of risk facing an organization as well as the impact of the said risks.... In a security plan, an organization is required to state its missions, visions, and objectives....
6 Pages (1500 words) Assignment

Threats to Information Holdings

In this paper, a security plan will be designed based on this audit.... ObjectivesThe general objective of this research is to develop a security plan to address the current and potential threats to the organization's information.... o devise a security plan that expounds the physical, human and electronic measures to control the information holdings' threats.... To give recommendations on any necessary changes that may need to be done to the security plan to improve the organizational information security in the future....
14 Pages (3500 words) Essay

Impact of Data Security on Enterprise Information Security Planning

Therefore, an Organization Security Plan has a critical role to play in protecting data and the business value.... Primarily, data security demands all managers to develop a business data security plan also referred to as information security program.... Data Security versus Enterprise Information Security PlanningISPO (2016) hypotheses that the process of establishing a suitable organizational security plan occurs in different stages and requires appropriate utilization of organizational resources to achieve the desired outcomes....
13 Pages (3250 words) Case Study

Issues Related to Security Interoperability and Operations

Other included processes and requirements within the DRBCP include critical business process including process owners, alternative processing facility addresses as well as directions, notification listing, critical plan participant roles, responsibilities, vendor contact listing, core business forms, recovery procedures for core systems, as well as procedures initiated to manage public relations and communication.... e) Not all the plan participants have been issued with the process plan as seen in the review of DRBCP distribution lists....
8 Pages (2000 words) Case Study
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us