Unit 1 Assignment 2: Impact of a Data Classification Standard

In: Computers and Technology

Submitted By zeekboos
Words 319
Pages 2
Unit 1 Assignment 2: Impact of a Data Classification Standard

Dear senior management this is my requested brief report on the IT infrastructure domain, in which, I will be describing the “internal use only “data classification standards set by Richman Investments.

The first layer of the IT infrastructure I will discuss is the The User Domain which is affected by the “internal use only” standard. It is the first layer and what some believe to be the weakest in the infrastructure. The user domain is where personal information is created and obtained for internal use only. Each person will have set permissions on what they can and cannot do. This way, no one person can mess up or delete anything that they are not supposed to.

The work station domain is the second layer of the infrastructure that I will discuss. This is also affected by the “internal use only” standard. This layer is where the user can access the network and any applications or information on the system. This requires a user to login with a password or authentication of some kind. This has to be done before this person can get to this information. This will help keep people out that aren’t supposed to be accessing the information.

The LAN to WAN domain is the third layer of the infrastructure I will discuss. I feel this is also affected by the “internal use only” standard. The TCP and UDP are not safe due the fact these are the enter and exit points of the network. This allows all the private information on the network at Richman Investments easy accessible for others outside of the network.

These are what I feel are the top three areas that are affected by the “internal use only” data classification standards and should be watched and maintained by security to ensure the users are using the system at Richman Investments…...

Similar Documents

Impact of a Data Classification Standard

...IT-255 unit 1 assignment 2: impact of a data classification standard Hello everyone at Richman investments, I was s asked to write a brief report that describes the "internal use only" data classification standard of Richman investments. I will list a few of the IT infrastructure domains that are affected by the standard and how they are affecting the domain and their security here at Richman investments. * User domain The user domain defines the people who access an organizations information system. In the user domain you will find an acceptable use policy (AUP). An AUP defines what a user can and cannot do with organization-owned IT assets. It is like a rulebook that the employees must follow. Failure to follow these rules can be grounds for termination. The user domain is the weakest link in an IT infrastructure. Anybody who is responsible for computer security understand what motivates someone to compromise an organization system, application, or data. Now I am going to list risk and threats commonly found in the user domain and plans you can use to prevent them. Lack of user awareness - solution - conduct security awareness training, display security awareness posters, insert reminders in banner greeting, and send email reminders to employees. Security policy violation- solution - place employee on probation, review AUP and employee Manuel, discuss during performance review. Employee blackmail or extortion- solution - track and monitor abnormal employee......

Words: 681 - Pages: 3

Impact of Data Classification Standard

...Impact of a Data Classification Standard The “Internal Use Only” data classification here at Richman Investments will include the User Domain, the Work Station Domain, and the LAN domain. These domains are the most basic IT Infrastructure domains, and they will cover all the users and workstations in the company. The “Internal Use Only” classification will cover information such as the company telephone directory, new employee training materials, and internal policy manuals. The User Domain defines the people who have access to a company’s information system. This domain contains all of the user information and will enforce an Acceptable Use Policy (AUP) that will define what each user has permissions to do with any company data that they may have access to. This domain is also the weakest link in any company’s infrastructure. The Workstation Domain is where all the user information will be verified, and an account will be set up. They will need to have a user name and password that is assigned to them by the IT department, before they can access the systems, application or data. No personal devices or removable media will be allowed on the network, and all systems will undergo regular updates, and have anti-virus and anti-malware installed on each workstation for monitoring. There will also be an Access Control List (ACL) drawn up to define what access each individual will have on the network. The LAN domain includes all data closets and physical as well as......

Words: 413 - Pages: 2

Impact of a Data Classification Standard

...Impact of a Data Classification Standard Sir: The following IT infrastructure domains that are being affected by the “Internal Use Only” data classification are: the user domain, the workstation domain, the LAN to WAN domain, and the remote access domain. Each of these has their own sets of problems. I will describe each problem for each domain and make a recommendation on how to rectify the situation. The user domain is where the access rights for each employee starts. I observed that many of the employees were not following the company’s policies of securing data. When questioned several of the employees stated that they were not aware of the policies. I would recommend that there is a semiannually security awareness training conducted for all employees. I also noted that there were quite a few individuals using personal USB drives with personal photos, music, and documents on them. I would recommend that each time an employee plugs in a personal device to a computer that an automatic scan occur with no way for the employee to stop the scan. The workstation domain is the second domain that I observed data compromising occurring. In my observations I noticed that many of the employees do not log off or lock their computer screens when they are away from their computer thereby making it easy for anyone to walk by and have access to the information they are authorized to use. I have several recommendations for this. One is to post a memo reminding......

Words: 496 - Pages: 2

Nt2580 - Unit 1 Assignment 2: Impact of a Data Classification Standard

...Unit 1 Assignment 2: Impact of a Data Classification Standard * User Domain This Domain is where only one user will have access to it. This can be configured to internal use only. By default, the IT department tries to maintain a certain level of Security for this, so that nobody can access from the outside, only the IT Department can grant access privilege for Remote Access Point. The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data that he or she has access to. Also, every user on the company is responsible for the security of the environment. * Workstation Domain Workstation Domain is where all the users work. Before a user can log into the machine, he/she will need to be verified in order to gain access. At Richman Investments, we provide very secure access for the employee workstations with a username and password. A security protocol requires the password to be changed every 30 days. All computers maintain regular updates and continuous antivirus protection for monitoring. Additionally, no personal devices are allowed on the network. * LAN Domain The Local Area Network (LAN) Domain is a group of computers all connected to a single LAN domain. The LAN Domain is a collection of computers connected to one another or to a common medium. All LAN domains include data closets, physical elements of the LAN, as well as logical elements as designated by authorized personnel. It......

Words: 364 - Pages: 2

Impact of a Data Classification Standard

...Impact of a data classification standard The "Internal Use Only" data classification standard at Richman Investments will include the most basic IT infrastructure domains to include the User Domain, Workstation Domain, and the LAN Domain. This will encompass all users and their workstations, as well their access to the internet and company server databases and any information in between. The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data shall he or she have access to it. As well as with company users, any outside contractor or third-party representatives shall also need to agree and comply with the AUP. All users must be properly identified and sign this AUP prior to gaining any access whatsoever to the company network. No exceptions. Any violation will be taken up with company executives and/or the authorities to assess further punitive action. The Workstation Domain includes all workstations approved on the company network. No personal devices or removable media may be used on this network. All devices and removable media will be issued by the company for official use only. To access any workstation, a user will need to be first verified, then setup with an account to be logged in with a username and pass code adhering to the IT departments set standards. All systems will undergo regular updates and be provided with anti-virus and anti-malware software for system monitoring. Access Control......

Words: 328 - Pages: 2

Impact of Data Classification Standard

...Impact of Data Classification Standard and Internal Use Only Data classification standard provides the means of how the business should handle and secure different types of data. Through security controls different data types can be protected. All these security controls should apply to each of every IT infrastructure in which it will state how the procedures and guidelines will guarantee the organization’s infrastructures security. This report will identify the definition of “Internal Use Only” data classification standard of Richman Investments. Internal Use Only includes information that requires protection from unauthorized use, disclosure, modification, and or destruction pertaining to a particular organization. This report will tackle 3 IT infrastructure including workstation domain, LAN-Wan Domain, and Remote Access Domain. Internal Use Only data includes data related to business operations, finances, legal matters, audits, or activities of a sensitive nature, data related to stake holders, information security data including passwords, and other data associated with security related incidents occurring at the business company, internal WCMC data, the distribution of which is limited by intention of the author owner or administrator. For the Workstation Domain, the impact of data classification standard internal use only can possibly applied when a user violates AUP and generates security hazard for the establishment’s IT infrastructure. In order to prevent......

Words: 596 - Pages: 3

Impact of Data Classification Standard

...Impact of a Data Classification Standard The “Internal Use Only” data classification here at Richman Investments will include the User Domain, the Work Station Domain, and the LAN domain. These domains are the most basic IT Infrastructure domains, and they will cover all the users and workstations in the company. The “Internal Use Only” classification will cover information such as the company telephone directory, new employee training materials, and internal policy manuals. The User Domain defines the people who have access to a company’s information system. This domain contains all of the user information and will enforce an Acceptable Use Policy (AUP) that will define what each user has permissions to do with any company data that they may have access to. This domain is also the weakest link in any company’s infrastructure. The Workstation Domain is where all the user information will be verified, and an account will be set up. They will need to have a user name and password that is assigned to them by the IT department, before they can access the systems, application or data. No personal devices or removable media will be allowed on the network, and all systems will undergo regular updates, and have anti-virus and anti-malware installed on each workstation for monitoring. There will also be an Access Control List (ACL) drawn up to define what access each individual will have on the network. The LAN domain includes all data closets and physical as......

Words: 318 - Pages: 2

Impact of a Data Classification Standard

...Internal use only data classification would include the User domain, the workstation domain, and the LAN domain. These domains are the basic IT infrastructure domains, and they will cover all the users and workstations in the company. The Internal use only classification will cover info such as telephone directory, internal policy manuals, and new employee training material. The user domain is where only one user will have access to it. This can be configured to internal use only. By default, the IT department tries to maintain a certain level of Security for this, so that nobody can access from the outside, only the IT Department can grant access privilege for Remote Access Point. The User Domain will enforce an acceptable use policy to define what each user can and cannot do with any company data that he or she has access to. Also, every user on the company is responsible for the security of the environment. The Workstation Domain, the impact of data classification standard internal use only can possibly applied when a user violates AUP and generates security hazard for the establishment’s IT infrastructure. In order to prevent something like this from happening, the Richman Investments can hire a professional to train all employees for a security awareness campaign and programs throughout the year The LAN domain includes all data closets and physical as well as logical elements of the LAN. This domain needs strong security, being that it is the entry and exit points......

Words: 300 - Pages: 2

Unit 1 Assignment 2 Impact of Data Classification Standard

...Unit 1 Assignment 2 Ronald McMahon April 1, 2014 To: Senior Management. Richman Investment “Internal use only “data classification standard. Ronald McMahon April 1, 2014 Information or data shared internally by an organization. While confidential information or data may not be included, communications are not intended to leave the organization. This report is designed to describe clarify the standards for the “Internal use only” data classification for Richman Investments, this report will address which IT infrastructure domains are affected by the standard and how. The first IT infrastructure affected by internal use only classification is the User Domain. The user domain defines the people who access an organization’s information system. The user domain also will enforce an acceptable use policy ( AUP) to define what each user can and cannot do with any company data shall he or she have access to it. As well as with company users, any outsiders, contractor’s or third party representatives shall also need to agree and comply with the AUP . Any violation will be taken up with management and / or the authorities to access further punitive action. Work Station Domain – is where most users connect to the IT infrastructure. No personal devices or removable media may be used on this network. All devices and removable media will be issued by the company for official use only. Access Control Lists ( ACLs ) will be drawn up to appropriately define what access each person will......

Words: 385 - Pages: 2

Unit 1 Assignment 2 Impact of a Data Classification Standard

...Unit 1 Assignment 2: Impact of a Data Classification Standard When you hear “internal use only”, you automatically can assume that it’s restricted access to anyone not an employee of that company. So if you wanted to access your company’s website from home or anywhere, you would need company credentials to log in. Otherwise, you will not be able to do this at any point in time anywhere. This type of policy is implemented because companies do not want to allow security threats to reach into the system. With this said, of the seven domains within the IT infrastructure, three of them are affected by this policy. The first IT infrastructure affected by internal use only classification is the User Domain. The user domain defines the people who access an organization’s information system. The user domain also will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data shall he or she have access to it. As well as with company users, any outsiders, contractor’s or third party representatives shall also need to agree and comply with the AUP. Any violation will be taken up with management and / or the authorities to access further punitive action. The “Work Station Domain” is where most users connect to the IT infrastructure. This domain is made up of the devices that employees use to connect to the IT infrastructure. No personal devices or removable media may be used on this network. All devices and removable media will be issued by...

Words: 458 - Pages: 2

Impact of a Data Classification Standard

...Following are three important “Internal Use Only” data classification standards of Richman Investments: 1. User Domain – This layer is by far the most vulnerable portion of any IT infrastructure. Without restrictions and education a user would have free rein to expose a network to a myriad of security risks. Richman Investments is not immune to this blight. For this reason, special attention is given to precautions for and education of users. Domain administrators have processes in place to monitor user activity and limit access to portions of the domain. These rules are defined under the acceptable use policy. This policy outlines what users are allowed to do with the company data that they have access to. Above all, users are accountable for their own actions. They are expected to secure their physical and virtual environment to the best of their abilities. 2. Workstation Domain – Another integral part of the overall security of any network. This domain is the access to the local area network via something like a NIC card. It is accomplished through some type of verification as a deterrent to hackers. Here is Richman Investments we have a multi-level security system in place. First, to access any area that contains a workstation at least one door requiring a key card will need to be entered. Next, at the workstation your username has been replaced by biometrics via your thumbprint. With the print you will have to enter your password. Password requirements include: at......

Words: 454 - Pages: 2

Nt2580 Unit 1 Assignment 2 Impact of a Data Classification Standard

...will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data that he or she has access to. Also, every user on the company is responsible for the security of the environment. * Workstation Domain Workstation Domain is where all the users work. Before a user can log into the machine, he/she will need to be verified in order to gain access. At Richman Investments, we provide very secure access for the employee workstations with a username and password. A security protocol requires the password to be changed every 30 days. All computers maintain regular updates and continuous antivirus protection for monitoring. Additionally, no personal devices are allowed on the network. * LAN Domain the Local Area Network (LAN) Domain is a group of computers all connected to a single LAN domain. The LAN Domain is a collection of computers connected to one another or to a common medium. All LAN domains include data closets, physical elements of the LAN, as well as logical elements as designated by authorized personnel. It requires strong security and access controls. This domain can access company-wide systems, applications, and data from anywhere within the LAN. The LAN support group is in charge maintaining and securing this domain. The biggest threat to the LAN domain is Un-authorized access to anything (the LAN, the systems, & the data) on the network....

Words: 294 - Pages: 2

Impact of a Data Classification Standard

...Data Classification Standard is a guideline of how a business or organization should handle as well as secure their different array of data. With this particular report it will describe the “Internal Use Only” data of an Investment firm. Internal use only should tell you that this is information that is seen by employees of a company and no one else. There are 3 domains that could be under this umbrella of internal use only these would be the User Domain, Workstation Domain and the LAN domain. First we have the User Domain which defines the employees that will access the company’s information systems. This particular domain is the weakest link in the domain infrastructure due the users on this system that don’t think about the vulnerabilities and threats which include lack of user awareness, apathy towards policies, policy violations, downloads of personal or files that could malicious. Each of these risks is presented on an everyday basis that could compromise a company’s internal data. Secondly, you have the workstation domain, which is the domain where most of the users connect to the organizations infrastructure. This domain should require very tight security as well as access rights. Meaning, each user on the domain should only have the right to access what they need to be able to do their job productively and no more. This will have an impact in lowering the chance of breach in security. Some threats with this domain include; Unauthorized access to workstations...

Words: 417 - Pages: 2

Nt2580 - Unit 1 Assignment 2: Impact of a Data Classification Standard

...Nt2580 - Unit 1 Assignment 2: Impact of a Data Classification Standard Unit 1 Assignment 2: Impact of a Data Classification Standard * User Domain This Domain is where only one user will have access to it. This can be configured to internal use only. By default, the IT department tries to maintain a certain level of Security for this, so that nobody can access from the outside, only the IT Department can grant access privilege for Remote Access Point. The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data that he or she has access to. Also, every user on the company is responsible for the security of the environment. * Workstation Domain Workstation Domain is where all the users work. Before a user can log into the machine, he/she will need to be verified in order to gain access. At Richman Investments, we provide very secure access for the employee workstations with a username and password. A security protocol requires the password to be changed every 30 days. All computers maintain regular updates and continuous antivirus protection for monitoring. Additionally, no personal devices are allowed on the network. * LAN Domain The Local Area Network (LAN) Domain is a group of computers all connected to a single LAN domain. The LAN Domain is a collection of computers connected to one another or to a common medium. All LAN domains include data closets, physical elements...

Words: 341 - Pages: 2

Impact of a Data Classification Standard

...Impact of a Data Classification Standard This report is to identify the IT infrastructure domains that affect the “Internal Use Only” data classification standard of Richman investment and go into details as to how each domain is affected. User Domain The first domain that affects this standard is the user domain and also maybe one of the more vulnerable of the IT infrastructure. User domain consists of the people that accesses Richman’s information system. Users at this level are expected to be responsible for the information they access here at Richman, but because that is not always the cause, Richman will have in place an acceptable use policy (AUP). The AUP will, in detail, define what information which users are allow to access and also what they are allowed to do with that information. Richman Investments deal mostly with customer’s financial records, so anyone with that violates Richman’s AUP and poses a threat to the company information and could faces immediate dismissal. Workstation Domain The workstation domain is the second domain affected by the “Internal Use Only” standard. This is where users will access the network via some type of device such as desktop, laptop, tablet, smart phone, etc. It is very important that IT department keep workstations update to date with latest and relevant software updates, security patches, and antivirus/malware protection. The workstations will be accessible with a user define password that must meet password......

Words: 385 - Pages: 2