...Richman Investments “Internal Use Only” Data Classification Standard Brief Report RICHMAN INVESTMENTS “INTERNAL USE ONLY” DATA CLASSIFICATION STANDARD Brief Report This Brief Report is to describe Richman Investments policy of “Internal Use Only” data classification standard. This document is to be used as an informational guide for any employee or third party representative who is to access any or all of Richman Investments internal data base information system. To access Richman Investments internal data base any user, employee or third party representative must agree to the acceptable use policy (AUP). “While confidential information or data may not be included, communications, documents or any data are not intended to leave the organization.” (Beecher, 2013) There are 3 types of IT infrastructure domains that are affected by the “Internal Use Only” data classification standard of Richman Investments listed as follows: User Domain is the first layer of the infrastructure and is defined as any person (single user) accessing Richman Investments internal data base information system who has agreed to the AUP. This Domain defines the user permissions. This is where the IT department defines what access each individual user will have on the network. This is considered to weakest link in the company’s infrastructure. Workstation Domain is the second layer of the infrastructure and is defined as the first access point to the Richman Investments internal data base...
Words: 318 - Pages: 2
...RICHMAN INVESTMENTS “INTERNAL USE ONLY” DATA CLASSIFICATION STANDARD Brief Report This Brief Report is to describe Richman Investments policy of “Internal Use Only” data classification standard. This document is to be used as an informational guide for any employee or third party representative who is to access any or all of Richman Investments internal data base information system. To access Richman Investments internal data base any user, employee or third party representative must agree to the acceptable use policy (AUP). “While confidential information or data may not be included, communications, documents or any data are not intended to leave the organization.” (Beecher, 2013) There are 3 types of IT infrastructure domains that are affected by the “Internal Use Only” data classification standard of Richman Investments listed as follows: User Domain is the first layer of the infrastructure and is defined as any person (single user) accessing Richman Investments internal data base information system who has agreed to the AUP. This Domain defines the user permissions. This is where the IT department defines what access each individual user will have on the network. This is considered to weakest link in the company’s infrastructure. Workstation Domain is the second layer of the infrastructure and is defined as the first access point to the Richman Investments internal data base information system, applications and data. This layer requires a login and password authentication...
Words: 306 - Pages: 2
...Unit1/Assignment 2 03/25/13 Impact of a Data Classification Standard “Internal Use Only” This is my brief report on the IT infrastructure domain. I will be describing the “internal use only “data classification standards set by Richman Investments. The user domain is the first layer of the IT infrastructure I will discuss that is affected by the “internal use only” standard. It is the first layer and what some believe to be the weakest in the infrastructure. The user domain is where personal information is created and obtained for internal use only. Each person will have set permissions on what they can and cannot do. This way no one person can mess up or delete anything that doesn’t need to be (Jones and Bartlett Learning). The work station domain is the second layer of the infrastructure that I will discuss. This is also affected by the “internal use only” standard. This layer is where the user can access the network and any applications or information on the system. This requires a user to login with a password or authentication of some kind. This has to be done before this person can get to this information. This will help keep people out that aren’t supposed to be accessing the information (Jones and Bartlett Learning). The LAN to WAN domain is the third layer of the infrastructure I will discuss. I feel this is also affected by the “internal use only” standard. The TCP and UDP are not safe due the fact...
Words: 340 - Pages: 2
...March 27, 2013 Senior Management Richman Investments Dear Management Team: I was asked to write a brief report that describes the “Internal Use Only” data classification standards in your company. Internal Use only data is confidential to your company and your employees. Confidential data is subject to the most restricted distribution and must be protected at all times. Compromise of data classified as Confidential could seriously damage the reputation, mission, safety, or integrity of the institution, its staff, or its constituents. It is mandatory to protect data at this level to the maximum possible degree as is prudent or as required by law. (N/A n.d.) This report will explain the three most common IT infrastructure domains that are affected by the standard and how each one is affected. The first layer that will be affected by the standard is the user domain. The user domain defines the people who can access your company’s information. (Kim and Solomon 2012) The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data shall he or she have access to it. The AUP is similar to a code of conduct that employees must follow. Any violation will be subject to punitive action. The second layer is the workstation domain where most users connect to the IT infrastructure. It is essential to have tight security and access controls for this particular domain. It should only be accessed by users who have proper...
Words: 405 - Pages: 2
...Unit 1 Assignment 2: Impact of a Data Classification Standard Course Name & Number: NT2580 Introduction to Information Security Learning Objectives and Outcomes * You will learn how to determine the impact of a data classification standard on an organization's IT infrastructure. Assignment Requirements You are a networking intern at Richman Investments, a mid-level financial investment and consulting firm. Your supervisor has asked you to draft a brief report that describes the “Internal Use Only” data classification standard of Richman Investments. Write this report addressing which IT infrastructure domains are affected by the standard and how they are affected. In your report, mention at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. Your report will become part of an executive summary to senior management. Required Resources None Submission Requirements * Format: Microsoft Word * Font: Arial, Size 12, Double-Space * Citation Style: Chicago Manual of Style * Length: 1–2 pages * Due By: Unit 2 Self-Assessment Checklist * I have identified at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. * In my report, I have included details on how those domains are affected. Internal Use Only The term “internal use only” is a term that refers to information or data that could also include communications are...
Words: 835 - Pages: 4
...Unit Plans Unit 1: Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure. Key Concepts Confidentiality, integrity, and availability (CIA) concepts Layered security solutions implemented for the seven domains of a typical IT infrastructure Common threats for each of the seven domains IT security policy framework Impact of data classification standard on the seven domains Reading Kim and Solomon, Chapter 1: Information Systems Security. Keywords Use the following keywords to search for additional materials to support your work: Data Classification Standard Information System Information Systems Security Layered Security Solution Policy Framework ------------------------------------------------- Week 1 Assignment (See Below) * Match Risks/Threats to Solutions * Impact of a Data Classification Standard Lab * Perform Reconnaissance & Probing Using ZenMap GUI (Nmap) * Page 7-14 in lab book. Project (See Below) * Project Part 1. Multi-Layered Security Plan ------------------------------------------------- Unit 1 Assignment 1: Match Risks/Threats to Solutions Learning Objectives and Outcomes You will learn how to match common risks or threats within the seven domains of a typical IT infrastructure with solutions and preventative actions...
Words: 1409 - Pages: 6
...2: impact of a data classification standard Hello everyone at Richman investments, I was s asked to write a brief report that describes the "internal use only" data classification standard of Richman investments. I will list a few of the IT infrastructure domains that are affected by the standard and how they are affecting the domain and their security here at Richman investments. * User domain The user domain defines the people who access an organizations information system. In the user domain you will find an acceptable use policy (AUP). An AUP defines what a user can and cannot do with organization-owned IT assets. It is like a rulebook that the employees must follow. Failure to follow these rules can be grounds for termination. The user domain is the weakest link in an IT infrastructure. Anybody who is responsible for computer security understand what motivates someone to compromise an organization system, application, or data. Now I am going to list risk and threats commonly found in the user domain and plans you can use to prevent them. Lack of user awareness - solution - conduct security awareness training, display security awareness posters, insert reminders in banner greeting, and send email reminders to employees. Security policy violation- solution - place employee on probation, review AUP and employee Manuel, discuss during performance review. Employee blackmail or extortion- solution - track and monitor abnormal employee behavior and use of IT infrastructure...
Words: 681 - Pages: 3
...Hello everyone at Richman investments, I was s asked to write a brief report that describes the "internal use only" data classification standard of Richman investments. I will list a few of the IT infrastructure domains that are affected by the standard and how they are affecting the domain and their security here at Richman investments. * User domain The user domain defines the people who access an organizations information system. In the user domain you will find an acceptable use policy (AUP). An AUP defines what a user can and cannot do with organization-owned IT assets. It is like a rulebook that the employees must follow. Failure to follow these rules can be grounds for termination. The user domain is the weakest link in an IT infrastructure. Anybody who is responsible for computer security understand what motivates someone to compromise an organization system, application, or data. Now I am going to list risk and threats commonly found in the user domain and plans you can use to prevent them. Lack of user awareness - solution - conduct security awareness training, display security awareness posters, insert reminders in banner greeting, and send email reminders to employees. Security policy violation- solution - place employee on probation, review AUP and employee Manuel, discuss during performance review. Employee blackmail or extortion- solution - track and monitor abnormal employee behavior and use of IT infrastructure during off hours. Alarms and alerts programmed...
Words: 297 - Pages: 2
...Network Security Plan For a general security solution plan at Richman Investments, this report will give an outline of the needed multi-layered security plan for the entire network including all branch offices. There are many risks that are involved with any network, good planning and policies put into place can mitigate security flaws. The multi-layer security solution can be a useful guideline to start and sustain these security measures within the company. The following topics for security planning will be discussed in a brief and general detail are; User Domain, Workstation Domain, LAN Domain, LAN-to-WAN Domain, Remote Access Domain, WAN Domain, and System/Application Domain. There are many different and unique threats to all domains listed; this report only covers a small portion of ways to mitigate such threats, risks, and vulnerabilities. User Domain In the first layer of the multi-layer security is the user domain. For any user within the company accessing the network on any given workstation or portable device, that user is subjected to the acceptable use policy (AUP). Users are the greatest risk to any network and proper assessment of user policies and the Global Policy configurations need to be well thought out and enforced by these policies. Under this AUP, if violated can be subjected to employee dismal or grounds for punishment actions. Users can be disgruntled employees and can cause serious issues to the network if they have access to sensitive information...
Words: 1254 - Pages: 6
...take a hard look at our current configuration of host, services and our protocols within our organization. Data from a large number of penetration tests in recent years show most corporate networks share common vulnerabilities. Many of these problems could be mitigated by appropriate education in “hacker thinking” for technical staff. We will take a look at our security on routers and switches to make sure there are no leakages of data traffic. OBJECTIVE We have identified that we have loss some major accounts to competitors whose bids have been accurately just under our bid offers by exact amounts. We also believe due to shared reporting and public Web site functions that our Web servers have been compromised and our RFP documents have been leaked to competitors which enabled them to under bid us. We want to mitigate Web threats in the future; we realize the web is a mission critical business tool. We want to purchase new products and services, that will give us an edge and better protect our networks and data, and that we address new and complex strategies against future attacks. SCOPE OF SERVICES 1. Procedures * Assist in planning and implementation of current configuration of host and services. * Network equipment evaluation ,and use of existing architecture * Look at growing threats to network Web Server, check Web malware, all uncontrolled use of...
Words: 3355 - Pages: 14
...the youngsters with conceptual and interpersonal skills and social purpose for managerial decision-making and its execution in real situations. 3. To develop and encourage the entrepreneurial capabilities of young generation to make them effective change agents. 4. To meet the demand for trained and professional people in the country at the top level management of business and industrial organizations in the light of the new economic and industrial policy of the country. 2. COURSE DURATION The MBA (Full Time) programme of Mahatma Gandhi University shall be spread in two years duration with 4 Semesters. Each semester shall comprise of a minimum of 16 instructional weeks of 5 days each of 5 hours a day (total contact hours 400). Continuous Internal Evaluation during the course period and University examination at the end of each semester shall be conducted. There shall be a semester break of 15 days each in addition to the usual Onam, Christmas and summer holidays. 3. ELIGIBILTY FOR ADMISSION 1. A pass in any Bachelor’s Degree Examination of Mahatma Gandhi University or an equivalent degree of any other universities duly recognized by M.G.University with not less than 50% marks in the aggregate for all parts of examination or a Master’s Degree examination with 50% marks in aggregate. 2. SC/ST students A pass in any Bachelor’s Degree examination is needed for SC/ST candidates 4. ADMISSION PROCEDURE Admission to MBA Degree programme of the study shall be on the basis of merit as determined...
Words: 20659 - Pages: 83
...NATIONAL INSTITUTE OF TECHNOLOGY SILCHAR Bachelor of Technology Programmes amï´>r¶ JH$s g§ñWmZ, m¡Úmo{ à VO o pñ Vw dZ m dY r V ‘ ñ Syllabi and Regulations for Undergraduate PROGRAMME OF STUDY (wef 2012 entry batch) Ma {gb Course Structure for B.Tech (4years, 8 Semester Course) Civil Engineering ( to be applicable from 2012 entry batch onwards) Course No CH-1101 /PH-1101 EE-1101 MA-1101 CE-1101 HS-1101 CH-1111 /PH-1111 ME-1111 Course Name Semester-1 Chemistry/Physics Basic Electrical Engineering Mathematics-I Engineering Graphics Communication Skills Chemistry/Physics Laboratory Workshop Physical Training-I NCC/NSO/NSS L 3 3 3 1 3 0 0 0 0 13 T 1 0 1 0 0 0 0 0 0 2 1 1 1 1 0 0 0 0 4 1 1 0 0 0 0 0 0 2 0 0 0 0 P 0 0 0 3 0 2 3 2 2 8 0 0 0 0 0 2 2 2 2 0 0 0 0 0 2 2 2 6 0 0 8 2 C 8 6 8 5 6 2 3 0 0 38 8 8 8 8 6 2 0 0 40 8 8 6 6 6 2 2 2 40 6 6 8 2 Course No EC-1101 CS-1101 MA-1102 ME-1101 PH-1101/ CH-1101 CS-1111 EE-1111 PH-1111/ CH-1111 Course Name Semester-2 Basic Electronics Introduction to Computing Mathematics-II Engineering Mechanics Physics/Chemistry Computing Laboratory Electrical Science Laboratory Physics/Chemistry Laboratory Physical Training –II NCC/NSO/NSS Semester-4 Structural Analysis-I Hydraulics Environmental Engg-I Structural Design-I Managerial Economics Engg. Geology Laboratory Hydraulics Laboratory Physical Training-IV NCC/NSO/NSS Semester-6 Structural Design-II Structural Analysis-III Foundation Engineering Transportation Engineering-II Hydrology &Flood...
Words: 126345 - Pages: 506
...SRM UNIVERSITY (Under section 3 of UGC Act, 1956) FACULTY OF MANAGEMENT SCHOOL OF MANAGEMENT MBA FULL TIME CURRICULUM AND SYLLABUS - 2013-14 1 Code MB 13101 MB 13102 MB 13103 MB 13104 MB 13105 MB 13106 SRM University MBA - Revised Curriculum - 2013-14 Semester –I Thinking and Communication Skills (Practical) Accounting for Decision Making Philosophy for Management Economics for Managers Managerial Statistics Managerial Skills (Practical) Semester-II Financial Management Management Information System Marketing Human Resource Management Production And Operation Management Legal Aspects of Business Semester- III Summer Internship (8 weeks)(Practical) Entrepreneurship Strategic Management Business Analytics (Practical) Elective-1 Elective-2 Elective-3 Elective-4 Semester- IV Elective-5 Elective-6 Industrial Elective (Practical) Total Credit L 0 2 3 2 2 0 T 0 4 0 2 4 0 P 4 0 0 0 0 6 C 2 4 3 3 4 3 19 4 3 4 2 4 3 20 2 3 3 2 3 3 3 3 22 3 3 5 11 72 MB 13207 MB 13208 MB 13209 MB 13210 MB 13211 MB 13212 MB 13313 MB 13314 MB 13315 MB 13316 2 2 3 2 3 2 0 2 2 0 2 2 2 2 2 2 0 4 2 2 0 2 2 0 2 2 0 2 2 2 2 2 2 0 0 0 0 0 0 0 4 0 0 4 0 0 0 0 0 0 10 MB 13417 Functional Electives Marketing Finance Systems Human Resource Operations Vertical Electives Pharma Hospitality Enterprise Resource Planning Agriculture Hospital and Health Care Retailing Auto Industry Project Management Media and Communication Banking Financial Service Insurance 2 MB...
Words: 53231 - Pages: 213
...Human Resource Management Review 16 (2006) 155 – 180 www.socscinet.com/bam/humres The use of personality measures in personnel selection: What does current research support?☆ Mitchell G. Rothstein a,⁎, Richard D. Goffin b a Richard Ivey School of Business, University of Western Ontario, London, Ontario, Canada, N6A 3K7 b Department of Psychology, University of Western Ontario, Canada Abstract With an eye toward research and practice, this article reviews and evaluates main trends that have contributed to the increasing use of personality assessment in personnel selection. Research on the ability of personality to predict job performance is covered, including the Five Factor Model of personality versus narrow personality measures, meta-analyses of personality–criterion relationships, moderator effects, mediator effects, and incremental validity of personality over other selection testing methods. Personality and team performance is also covered. Main trends in contemporary research on the extent to which applicant “faking” of personality tests poses a serious threat are explicated, as are promising approaches for contending with applicant faking such as the “faking warning” and the forced-choice method of personality assessment. Finally, internet-based assessment of personality and computer adaptive personality testing are synopsized. © 2006 Elsevier Inc. All rights reserved. Keywords: Personality assessment; Personnel selection; Five factor model; Personality and job...
Words: 21212 - Pages: 85
...STRATEGIC MANAGEMENT Page No. 01. Syllabus 03 02. The Nature of Strategic Management 04 03. Management Accounting Business Strategy 21 04. Q & ANS : Business Environment 39 05. Q & ANS : Business Policy & Strategic Management 48 06. Q & ANS : Strategic Analysis 57 07. Q & ANS : Strategic Planning 65 08. Q & ANS : Formulation of Functional Strategy 71 09. Q & ANS : Strategy Implementation & Control 79 10. Q & ANS : Reaching Strategic Edge 85 11. Case Studies 93 12. Short Questions 99 Paper 6: Information Technology and Strategic Management (One paper – Three hours – 100 Marks) Level of Knowledge: Working knowledge Section A: Information Technology (50 Marks) Section B: Strategic Management (50 Marks) Objectives: (a) To develop an understanding of the general and competitive business environment, (b) To develop an understanding of strategic management concepts and techniques, (c) To be able to solve simple cases. Contents 1. Business Environment General Environment–Demographic, Socio-cultural, Macro-economic, Legal/political, Technological, and Global; Competitive Environment. 2. Business Policies and Strategic Management Meaning and nature; Strategic management imperative; Vision, Mission and Objectives; Strategic levels in organisations. 3. Strategic Analyses Situational Analysis – SWOT Analysis, TOWS Matrix, Portfolio Analysis – BCG Matrix. 4. Strategic Planning Meaning, stages, alternatives...
Words: 44130 - Pages: 177