SECURITY POLICY & STANDARTS – 06
Order ID:89JHGSJE83839 |
Style:APA/MLA/Harvard/Chicago |
Pages:5-10 |
Instructions:
SECURITY POLICY & STANDARTS – 06
Part 1: Research Remote Access Policies (0/1 completed)
Note: In this part of the lab, you will review internet resources on remote access policies in order to form a basis for their purpose and usage. Understanding the reason behind a remote access policy is key to understanding the component policies and procedures. Please take the time to review the research thoroughly and think through the concepts of the policy itself.
- In your browser, navigateto and readthe “Remote Access Policy” template at https://www.sans.org/information-security-policy/.
- Using your favorite search engine, locatea remote access policy for a higher education institution.
- Using your favorite search engine, locatea remote access policy for a healthcare provider.
- Writea brief summaryof the information during your research. In your summary, focus on the key elements of the remote access policy. You should also identify any unique elements of remote access policies for higher education and healthcare institutions. Be sure to provide links to the remote access policies you identified in steps 2 and 3.
Part 2: Create a Remote Access Policy (0/7 completed)Note: As you found in your research, different industries have similar but different policies. When using a policy template, it is important to ensure that the template matches the needs of your specific industry and business.
Review the following risks and threats found in the Remote Access Domain:
- The organization is a local credit union that has several branches and locations throughout the region.
- Online banking and use of the internet are the bank’s strengths, given its limited human resources.
- The customer service department is the organization’s most critical business function.
- The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT security best practices regarding its employees.
- The organization wants to monitor and control use of the internet by implementing content filtering.
- The organization wants to eliminate personal use of organization-owned IT assets and systems.
- The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls.
- The organization wants to implement security awareness training policy mandates for all new hires and existing employees. Policy definitions are to include GLBA and customer privacy data requirements, in addition to a mandate for annual security awareness training for all employees.
- 1. Identify a security control or countermeasure to mitigate each risk and threat identified in the Remote Access Domain. These security controls or countermeasures will become the basis of the scope of the Remote Access Domain policy definition to help mitigate the risks and threats commonly found within the Remote Access Domain.
- 2. Review the following characteristics of the fictional Healthwise Health Care Provider:
- Healthwise has several remote health care branches and locations throughout the region.
- Online access to patients’ medical records through the public Internet is required for remote nurses and hospices providing in-home medical services.
- Online access to patients’ medical records from remote clinics is facilitated through a virtual private network (VPN) and a secure web application front-end over the public Internet.
- The organization wants to be in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and IT security best practices regarding remote access through the public internet.
- The organization wants to monitor and control the use of remote access by implementing system logging.
- The organization wants to implement a security awareness training policy mandating that all new hires and existing employees obtain remote access security training. Policy definition is to include HIPAA and electronic protected health information (ePHI) security requirements and a mandate for annual security awareness training for all remote or mobile employees.
- 1. Create an organization-wide remote access policy for Healthwise Health Care:
Healthwise Health Care
SECURITY POLICY & STANDARTS – 06
RUBRIC
|
Excellent Quality
95-100%
|
Introduction
45-41 points
The background and significance of the problem and a clear statement of the research purpose is provided. The search history is mentioned. |
Literature Support
91-84 points
The background and significance of the problem and a clear statement of the research purpose is provided. The search history is mentioned.
|
Methodology
58-53 points
Content is well-organized with headings for each slide and bulleted lists to group related material as needed. Use of font, color, graphics, effects, etc. to enhance readability and presentation content is excellent. Length requirements of 10 slides/pages or less is met.
|
Average Score
50-85%
|
40-38 points
More depth/detail for the background and significance is needed, or the research detail is not clear. No search history information is provided.
|
83-76 points
Review of relevant theoretical literature is evident, but there is little integration of studies into concepts related to problem. Review is partially focused and organized. Supporting and opposing research are included. Summary of information presented is included. Conclusion may not contain a biblical integration.
|
52-49 points
Content is somewhat organized, but no structure is apparent. The use of font, color, graphics, effects, etc. is occasionally detracting to the presentation content. Length requirements may not be met.
|
Poor Quality
0-45%
|
37-1 points
The background and/or significance are missing. No search history information is provided.
|
75-1 points
Review of relevant theoretical literature is evident, but there is no integration of studies into concepts related to problem. Review is partially focused and organized. Supporting and opposing research are not included in the summary of information presented. Conclusion does not contain a biblical integration.
|
48-1 points
There is no clear or logical organizational structure. No logical sequence is apparent. The use of font, color, graphics, effects etc. is often detracting to the presentation content. Length requirements may not be met
|
|
|
|
|
|
You Can Also Place the Order at www.collegepaper.us/orders/ordernow or www.crucialessay.com/orders/ordernow |
PLACE THE ORDER WITH US TODAY AND GET A PERFECT SCORE!!!