Maintaining Information Security CMGT-400 Assurance and Security 5-25-2013 Maintaining Information Security Maintaining the security of information couldn’t have been said any clearer than by Lindsey Walker of InfoSec Island, when in 2010 she wrote an article about sensitive information becoming breached. She said “Preventing information security breaches needs to become a main priority for any company when handling both customer and company information”. Sharing information has become much
Words: 1928 - Pages: 8
The PCI DSS is the global data security standard that any business of any size must adhere to in order to accept payment cards. It presents common sense steps that mirror best security practices. Goals PCI DSS Requirements: Build and Maintain a Secure Network | 1. Install and maintain a firewall configuration to protect cardholder data 2. Do not use vendor-supplied defaults for system passwords and other security parameters | Protect Cardholder Data | 3. Protect stored data 4. Encrypt transmission
Words: 266 - Pages: 2
ACCEPTABLE USE POLICY (AUP), v 1.4, 6 January 2012 Reference: AR 25-2 (Information Assurance). A well-protected DoD/Army network enables organizations to easily handle the increasing dependence on the Internet. For a DoD/Army organization to be successful, it needs to integrate information that is secure from all aspects of the organization. The purpose of this policy is to outline the acceptable use of computer equipment within a DoD/Army organization. These rules are in place to protect the employee
Words: 3671 - Pages: 15
Create an email script to be sent to AT&T customers informing them of the security breach and a plan to resolve the issue. Explain your rationale. To the Loyal Employees and Contractors of AT&T, We are contacting you because we have learned of a serious data security incident that occurred between July 29, 2011 and August 1, 2011 that involved some of your personal information. The data security breach occurred as a result of the theft of an AT&T laptop computer. Such breach has compromised
Words: 359 - Pages: 2
Information Security Policy Gennie Diamond Axia College of University of Phoenix IT/244 – Intro to IT Security October 10, 2010 Executive Summary The goals of this information security policy will be to state the principles and guidelines for protecting the confidentiality, integrity, and availability of sensitive information and resources for XYZ Energy. This policy will set forth requirements for securing the network’s confidential information and data communications infrastructure
Words: 1790 - Pages: 8
HIPAA Security Standards: Guidance on Risk Analysis Introduction The Office for Civil Rights (OCR) is responsible for issuing annual guidance on the provisions in the HIPAA Security Rule. (45 C.F.R. §§ 164.302 – 318.) This series of guidances will assist organizations in identifying and implementing the most effective and appropriate administrative, physical, and technical safeguards to secure electronic protected health information (e-PHI). The guidance materials will be developed with
Words: 3309 - Pages: 14
does the security risks that come with online gaming. “The number of American households which play video games is roughly 65%.” (Source 2) With any network organization you want to make sure that you keep on top of vulnerabilities of anything that reaches out to the internet. Computers and servers that touch the internet are ones that must be scanned. As a company you have to make sure that you configure the security settings for the operating system, internet browser and security software
Words: 1027 - Pages: 5
2007 ASD(NII)/DoD CIO SUBJECT: References: DoD Information Assurance Certification and Accreditation Process (DIACAP) (a) Subchapter III of Chapter 35 of title 44, United States Code, “Federal Information Security Management Act (FISMA) of 2002” (b) DoD Directive 8500.01E, “Information Assurance (IA),” October 24, 2002 (c) DoD Directive 8100.1, “Global Information Grid (GIG) Overarching Policy,” September 19, 2002 (d) DoD Instruction 8500.2, “Information Assurance (IA) Implementation,” February 6, 2003
Words: 16882 - Pages: 68
1. If you receive a spam email, what should be done? a. Reply to it Incorrect: Replying to spam mail will only signal that the address is active and would only result in more spam b. Don’t reply to it Correct: Spam mails should never be replied to and should be marked as spam so that all future correspondence gets blocked. c. Forward them to friends or colleagues Incorrect: Forwarding spam mail to friends or colleagues is unethical and will only cause their inbox to occupy
Words: 1293 - Pages: 6
All client data needs to be kept secure all of the time. Doing this helps to protect company operations from being slowed down because the firm looks bad in the eyes of the public. Flayton Electronic has an obligation to protect all client information so that their needs are met without any drama or dilemmas. The firm does not want to have an instance on their hands where personal client data or company records were compromised. Flayton Electronic needs to protect the complete client base
Words: 1012 - Pages: 5