...Surveillance Awareness Project A proposal prepared by Team Underachievers Shea Polansky Gabriela Cde Baca Jacob Nevarez Elliot Nicholas For Dr. Natasha Jones University of New Mexico 2014-10-21 Team Underachievers Memo TO:Dr. Natasha Jones FROM:Team Underachievers DATE:2014-10-7 SUBJECT:Proposal PURPOSE:To acquaint you with our proposal Dear Dr. Jones, Edward Snowden’s leaks about the National Security Agency’s mass surveillance programs created a global debate about privacy, security, and safety. The NSA has the capability to read email, snoop on private social network conversations, observe phone call records, and track the physical locations of citizens not charged nor suspected of any crime, without so much as a warrant. Worse, the demographic most affected this level of snooping on our digital lives, the 18-24 year-old college crowd, is the least knowledgeable and most politically apathetic about the issue. This is a recipe for disaster, and this proposal seeks funding for an awareness campaign that will address it. This campaign will raise awareness about mass surveillance and the Snowden disclosures. We will use posters and flyers to dry attention to the issue. We will use the University of New Mexico as a testing ground, using before and after surveys to gauge effectiveness. If the campaign proves successful, we will recruit volunteers and raise a second round of funding to bring the campaign to college campuses across...
Words: 3481 - Pages: 14
...WEEK 10 TERM PAPER “The Rookie Chief Information Security Officer” Terri Cooks Professor Parker SEC 402 June 15, 2014 Part 1: Organization Chart When looking at the many different roles within the management of any organization’s security program there are some titles that stand out. One would be the CISO. The CISO is the executive whose responsibility is to maintain entire security backbone, both physical and digital. In an article written for the Sans Institute by Matthew Cho, “CISO Roles and Responsibilities: According to the latest information, almost sixty percent of the organizations in the United States acknowledge the existence of a CISO dedicated entirely to security (Ware). Responsibilities for these individuals include ensuring proper protection for all physical and technical aspects of the organization. Technical aspects ranging from securing communications, applications, and business systems to performing risk assessments of IT assets exposed to outsiders on the Internet. Physical aspects including non-electronic factors such as physical site access as well as drafting policies and procedures for secure daily operations. Along with overseeing the organization’s physical and technical security implementation, CISOs are also responsible for security management activities. These activities may include training others for security awareness, purchasing security products, planning for and managing disaster recovery, developing secure business and communication...
Words: 4742 - Pages: 19
...Richman Investments Security Outline Richman Investments has experienced an increase in security breaches that have resulted in the loss of company proprietary information and damage to systems due to many virus and Trojan Horse infections. The following outline contains some of the security mitigation proposals to be implemented shortly. This is just a basic plan for the moment and if security breaches continue, more stringent policies will be installed. The Seven Domains of a typical IT infrastructure are as follows, with the corresponding security proposed for each domain. 1.) User domain proposal: Track and monitor abnormal employee behavior and use of IT infrastructure during off-hours. Begin IT access control lockout procedures based on Acceptable use policy (AUP) monitoring and compliance. 2.) Workstation Domain proposal: Use workstation antivirus and malicious code polices, standards, procedures, and guidelines. Enable an automated antivirus protection solution that scans and updates individual workstations with proper protection. 3.) LAN Domain (including wireless LANs) proposals: Implement encryption between workstations and Wireless Access Points (WAPs) to maintain confidentiality. 4.) LAN-to-WAN Domain proposal: Conduct post configuration penetration tests of the layered security solution within the LAN-to WAN Domain. Test inbound and outbound traffic and fix any gaps. 5.) Remote Access Domain proposal: Apply first-level (i.e., user ID and password) and...
Words: 335 - Pages: 2
...October 4, 2013 Proprietary and confidential REQUEST FOR PROPOSAL Table of Contents USING THIS TEMPLATE 3 TEMPLATE CONTENTS 3 INTRODUCTION AND BACKGROUND 5 PURPOSE OF THE REQUEST FOR PROPOSAL 5 ADMINISTRATIVE 6 TECHNICAL CONTACT 6 CONTRACTUAL CONTACT 6 DUE DATES 6 SCHEDULE OF EVENTS 7 GUIDELINES FOR PROPOSAL PREPARATION 8 PROPOSAL SUBMISSION 8 DETAILED RESPONSE REQUIREMENTS 10 EXECUTIVE SUMMARY 10 SCOPE, APPROACH, AND METHODOLOGY 10 DELIVERABLES 11 PROJECT MANAGEMENT APPROACH 11 DETAILED AND ITEMIZED PRICING 11 APPENDIX: REFERENCES 11 APPENDIX: PROJECT TEAM STAFFING AND BIOGRAPHIES 11 APPENDIX: COMPANY OVERVIEW 12 EVALUATION FACTORS FOR AWARD 13 CRITERIA 13 SCOPE OF WORK 14 REQUIREMENTS 14 DELIVERABLES 14 USING THIS TEMPLATE Savid Technologies has developed this Request For Proposal (“RFP”) template to help organizations identify and select a quality security vendor to perform professional services work. This template is absed off templates provided by Foundstone, Verisign, and other security institutions including countless RFP responses Savid has provided. It also lists questions organizations should consider asking potential vendors to ensure that a thorough and comprehensive approach to the project will be taken. This template should apply for a variety of information security projects including: External Network Vulnerability Assessment and Penetration...
Words: 2629 - Pages: 11
...Joe Bailey ITS-2120 Network Security Proposal Introduction Fixem Orthopedic Therapy is a physical therapy facility that treats people who are recovering from various musculoskeletal surgeries. The company is based in Southern Maryland and consists of three separate offices: one in Brandywine, one in Indian Head, and an office that was recently built in Waldorf. These offices connect to each other through WAN links, and they are also capable of connecting to local doctors’ offices which allows patient records to be easily sent from a patient’s doctor to the facility that needs them. Fixem Orthopedic must ensure that only authorized individuals, mainly the receptionists and physical therapists, can have access to these sensitive records. These files contain information that malicious people can take advantage of such as Social Security numbers and credit card and billing information. The lack of a proper security policy can result in severe penalties for Fixem Orthopedic under the HIPAA Security Rule (“HIPAA Security Rule”). Measures must also be taken to protect the network from malware, including worms and viruses. These are very serious security threats that can slow or bring down the network as well as pose a threat to data stored on the computers. Finally, the employees can pose a risk to the network’s security if they have not been properly trained to handle social engineering tactics. Improvement The security of this business’s network is vital to its continued operation...
Words: 1725 - Pages: 7
.................................................................................................... 2 1.2 OVERALL ASSESSMENT.................................................................................................... 2 1.3 MAIN FINDINGS, CONCLUSIONS AND RECOMMENDATIONS ............................................. 2 1.3.1 Business Continuity Plan Governance (See Section 3.1 of the BCP Standard) ......... 2 1.3.2 Business Impact Analysis (See Section 3.2 of the BCP Standard).............................. 3 1.3.3 Business Continuity Action Plans and Arrangements (See Section 3.3) .................... 4 1.3.4 BCP Program Readiness (See Section 3.4 of the BCP Standard) .............................. 5 1.3.5 BCP Training and Awareness (See Section 3.4 of the BCP Standard) ...................... 5 2.0 INTRODUCTION............................................................................................................. 7 2.1 BACKGROUND .................................................................................................................. 7 2.1.1 Treasury Board of Canada Secretariat (TBS) Policy ................................................. 7 2.1.2 Industry Canada Policy .............................................................................................. 7 2.1.3 Industry Canada’s Identification of Critical and Essential Services.......................... 8 2.1.4 Public Safety and Emergency Preparedness Canada...
Words: 5659 - Pages: 23
...Executive Proposal CMIT 321 Certified Ethical Hacking Kowaine Baker University of Maryland University College Executive Proposal The Solarwinds software was developed to assist in management and addressing of security exploits, real-time network health and change management among other areas of today’s ever changing Information Technology (IT) data environment. This software assists the security manager in safeguarding vital business data through the compilation of network device information and real-time awareness of network health, firewall configuration and patch management with deployment. The software is modular and can be configured to meet the needs of the organization in which it supports while minimizing service interruptions which lead to the loss of productivity. Solarwinds offers a multitude of modules that range from configuration management to help desk trend analysis and firewall management. This is a non-platform dependent software solution which can manage firewalls and devices for proper patch management. This solution can be configured by the most novice IT professional while not breaking the bank. Its scalability can support anywhere from 10 users to many hundred users. The Solarwinds software solution can be a great addition to any network security solution. The benefits you will be getting from this software cover a large spectrum of security hardening techniques from the firewall configuration and management to end user patch management. Solarwinds...
Words: 1221 - Pages: 5
...SCMT Undergraduate Capstone Proposal Form 12 February 2015 Daniel Roberts Winter 2015 Submitted in partial fulfillment of the degree requirements for the BA in Security Management Abstract The purpose of this proposal is to address the importance of Critical Infrastructure Protection (CIP) and the mythology behind this since the attacks of 9/11, as well as a brief history of Critical Infrastructure Protection pass to the present to include attacks from the cyber arena. These attacks are prone to come indirect or direct which will and could affect our need and use for resources for life as we know it based on living naturally on a daily bases, these threats maybe man made or by natural disaster. Problem statement Prior to the attacks of 9/11 there was no main concern with the protection of Critical Infrastructure within the United States from any avenue. As we moved on into the 21 century the threat has evolved from more than just protecting water source, and power plants. With the information age this issue has shown another form of crippling the United States economy with just the push of a button. How we to protect these infrastructures from threats that may not be seen or those from natural disasters is a question for now and the future. Purpose statement I have chosen this particular subject due to the nature of its importance to national security, economy, as well as the everyday needs of Americans to survive. The awareness for the protection of our...
Words: 786 - Pages: 4
...Richman Investments. As part of the general security plan of the organization the IT department puts together a proposal to provide multi-layered security strategies that can be applied at every level of the IT structure. The plan will lay out the importance of improving and safeguarding the levels of each domain and the process of protecting the information of the organization. User Domain At Richman Investments the personnel is accountable for the appropriate use of IT assets. Therefore, it is in the best interest of the organization to ensure employees handle security procedures with integrity. It is essential to create a strong AUP (Acceptable Use Policy) procedure and as part of the process, require employees sign an agreement to guarantee they understand and conform to implemented rules and regulations. In addition, the company will conduct security awareness training, annual security exercises, notices about securing information, and constant reminders security is everyone’s responsibility. Workstation Domain The plan to secure the workstation domain enforces a strong password policy on each workstation and also enables screen lockout protection for inactive times. Keeping all workstations with an up to date antivirus is essential. Furthermore, content filtering features will arrange access of specific domain names according to AUP definitions. In addition, workstations will have up-to-date application software and security patches conferring to company guide lines...
Words: 779 - Pages: 4
...[pic] STATE GOVERNMENT DEPARTMENT OF FINANCE AND ADMINISTRATION REQUEST FOR PROPOSALS FOR INFORMATION SECURITY ASSESSMENT SERVICES (ISAS) RFP NUMBER: 427.04-107-08 |CONTENTS | |SECTION | | |1 |INTRODUCTION……………………………………………………………………………….3 | |2 |RFP SCHEDULE OF EVENTS………………………………………………………………..................................6 | |3 |PROPOSAL REQUIREMENTS………………………………………………………………7 | |4 |GENERAL REQUIREMENTS & CONTRACTING INFORMATION………………….…..9 | |5 |PROPOSAL EVALUATION & CONTRACT AWARD…………………………………....13 | | | |RFP ATTACHMENTS: | | ...
Words: 40549 - Pages: 163
...popularity helped raise awareness about social welfare programs and economic fairness. Sinclair's legacy is multifaceted. He is remembered as a muckraking journalist whose work exposed social ills, a literary influencer who inspired generations of writers, and a lifelong advocate for social reform. Dr. Francis Townsend was a prominent figure during the Great Depression, advocating for the elderly through his "Old-Age Revolving Pensions" plan. Before the Depression, Townsend was widely known, working as a physician and public health official in California. However, the economic hardship of the 1930s propelled him into the national spotlight. Witnessing the plight of many elderly Americans, Townsend believed the existing social safety net was inadequate. His plan offered a seemingly simple solution: a guaranteed monthly pension of $200 for every citizen over 60. This direct financial assistance targeted a vulnerable population often neglected during the Depression. The plan's appeal stemmed from its simplicity, promise to stimulate the economy, and its emphasis on fairness for senior citizens who had contributed throughout their lives. While Townsend's proposal wasn't implemented exactly as envisioned, it sparked a crucial national conversation about social welfare and the government's responsibility to its citizens. His ideas ultimately helped lay the groundwork for the establishment of Social Security, a program that continues to provide financial security for millions of elderly...
Words: 1236 - Pages: 5
...sample size is very large and intends to have a good representation of the voting public. Random digit dialing and lists of addresses are used as the sampling strategy. The findings of this research intends to answer of internet voting is effective and a good alternative voting method in the sense that it reduces the costs of public elections but at the same time be reliable and credible. The total cost of implementing this proposal is averaging to about AU$ 121785. The study should take no more than 3 months to complete Previous research literature on this issue shows a couple of key findings that are crucial to this research. It is important to know the costs of previous elections. The background paper shows that the previous election cost more than $95 million. There has been no previous trials on internet voting anywhere in Australia. In the United States, there have been concerns that internet voting brings about racial discrimination. Further concerns have arisen about home voting via the internet as for the security concerns. Another key note for this research is that certain segments of this population have been identified as perceiving the internet as threatening. The...
Words: 1655 - Pages: 7
...stages of the credit cycle, from account acquisition to account retention, and credit loss using numerous data sources. She is also able to take on responsibility and work well under pressure. She is a good team player with excellent interpersonal skills and strong commercial awareness who is able and willing to update her skills in response to the needs of a constantly evolving market place. CAREER SUMMARY Employer | Key Responsibilities and Achievements | Role | Date | Asset Management Corporation of Nigeria (AMCON) | Loan Management: * Review of customers repayment proposals and obtain relevant approval from Management which has led to the restructuring of loans worth over One Billion Naira in the last six months. * Examine terms and conditions of approved credit proposals to ensure that they are in full compliance with the Corporation’s policy procedures and guidelines prior to the disbursal of approved facility terms and conditions. * Preparation of credit facility letters and related security documentation ensuring that all terms and...
Words: 811 - Pages: 4
...Communications Proposal and Presentation Learning Team C ENG 135 October 12, 2015 Kimberley Holloway Technology is ever growing and Smith Systems must grow with it. There are many new ways to reach clientele and stay in touch with existing personnel. Our proposal will include options for immediate and consistent advertising, face to face meetings, and the ability to reach anyone no matter where they are in the world. To do this we will explain how the use of social media, video and satellite conferencing, and Internet meetings will place Smith Systems at the top of their class in communications. Social media can contribute to success and growth in all areas of Kudler Fine Foods by providing networks and new channels for your brand's voice and content. Social media offers the opportunity to increase your visibility and grow brand awareness. Utilizing social media allows your customers to connect and interact with your business on a more intimate level. Interacting with your customers regularly is a show of accountability and good-faith for other customers. The Kudler Fine Foods brand will be mentioned on social media, i.e. Facebook, Yelp, where people can go to compliment a product or service received by the company. The more talk that is created by the people on social media, the more valuable and authentic your brand will seem to new customers. Almost all social media sites are free to use. This means that your company will be in direct contact with...
Words: 1225 - Pages: 5
...purchasing and supply topics for research proposal Quality Management Quality Management. Search for White Papers and Other Software Related to Quality Management. In today’s global market, providing quality products and services is essential for any manufacturer’s continued growth—but maintaining a competitive edge is not always easy. For success, quality awareness must begin at the conception of the product and continue throughout the various stages of its development. To improve in this area, many manufacturers are now adopting the total quality management (TQM) approach. CASH MANAGEMENT RESEARCH PROPOSAL SAMPLES: Quality Management Quality Management Source: 3i Infotech Document Type: White Paper Description: In today’s global market, providing quality products and services is essential for any manufacturer’s continued growth—but maintaining a competitive edge is not always easy. For success, quality awareness must begin at the conception of the product and continue throughout the various stages of its development. To improve in this area, many manufacturers are now adopting the total quality management 7/3/2007 1:15:00 PM Alfanar HR Management Alfanar IT, an information technology company operating in Saudi Arabia since 1995, introduces the alfanar human resources (HR) Management module for Microsoft Dynamics AX. This module enables the HR department staff, without any programming capability, to identify, capture, maintain, and adjust employee information required...
Words: 1692 - Pages: 7