IT Security Policy Framework

Superior Essays
IT Security Policy Framework
Darryl E. Gennie
Professor Kevin Jayne
Augusta
CIS 462
26 July 2015
Strayer University

For the healthcare insurance industry it is important to have an Information Security Policy Framework within the organization. This protects information that is accessed across the network by staff personnel and patients. ISO 27000 includes a series of international standards that provide a model for establishing, operating, maintaining, and improving an Information Security Management System (ISMS). ISO 27001 provides specific best practices for ISMS, which incorporate the information security requirements of many other regulations such as the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes-Oxley
…show more content…
The user domain refers to any end user accessing information in any form (Johnson, 2011). A good way to ensure that your users are aware of all policies and practices is to provide training when they are hired. This training should address the acceptable use policy, e-mail policy, privacy policy and the system access policy (Johnson, 2011). Workstation domain is defined as any device that an end user utilizes to access information (Johnson, 2011). There should be some type of software management system that addresses inventory management, discovery management, patch management, helpdesk management, log management, and security management. This software is able to effectively manage access of who, what, where, and when on the network as well as provide support to users and provide security updates regularly (Johnson, …show more content…
It may include all or a combination of a hub, switch, router and firewall. A business LAN is much more complicated than a home LAN. They have either a flat network or a segmented network. In a flat network, there are few if any, controls to limit network traffic. When workstations connect to flat networks, they can see and attempt to connect to any other device on the network. These networks are considered to be the least secure. A segmented network limits the way in which computers can communicate with each other. By utilizing switches, firewalls, routers and other devices, network traffic can be restricted. This enables the ability to eliminate the number of threats to the network (Johnson, 2011). LAN-to-WAN is defined as the bridge between a LAN and a WAN. A LAN is utilized for connecting computers within offices or groups of building, while a WAN is used for connecting computers across the country or globally. It is essential to utilize firewalls on a WAN (Johnson,

Related Documents

  • Improved Essays

    Interface Management securely opens and managed enterprise data and applications that are need to fill a request. It offers a range of functionalities, such as; transforming data to fill the request, filtering data to collect the right information, combining different sets of data stored in different enterprise systems, transporting the data by translating the protocols between the request and the database, controlling traffic amongst multiple request from multiple users, and overall routing the requests to the right areas of the enterprise system to develop a response that can be sent back to the client. Development Management engages, educates, and empowers internal and external developers. It has functionalities that suit the developer needs by providing an onboarding training process, a plan management system, collaborating amongst developers, a consistently updated API discover, and Analytics for testing future APIs. Operations management is the manage lifecycle and performance operations functionalities.…

    • 1025 Words
    • 5 Pages
    Improved Essays
  • Improved Essays

    Nt1210 Unit 3 Assignment

    • 1204 Words
    • 5 Pages

    There are 3 (three) kinds of topology; Bus, Star and Ring topology for sharing data through computers. A Bus topology, also known as a line topology, is a network setup where each computer and network device are connected to a single cable. It is useful in small office networks since it uses less cable which is kind of advantage. But there is a very big disadvantage in using Bus topology which is if any of the segment in the network collapse it will also turn down all the other transmissions as well. In Figure 1 it shows a diagram of Bus…

    • 1204 Words
    • 5 Pages
    Improved Essays
  • Superior Essays

    IT Security Policy

    • 1073 Words
    • 4 Pages

    Users must be educated on policy and there must be a training session on security awareness for all users in the organization (“The IT Security Policy Guide”, n.d., pg. 9). Further, users should have to sign a copy of the policy establishing that they have reviewed the policy (“The IT Security Policy Guide”, n.d., pg. 9). User understanding is vital to the ongoing success of a security policy.…

    • 1073 Words
    • 4 Pages
    Superior Essays
  • Great Essays

    Advantage Of NAT

    • 1778 Words
    • 7 Pages

    This is done by configuration of routers to make sure that they drop or ignore these private IP addresses from the public internet. By doing this an organization can re-use any of the private IPv4 addresses unlike public addresses. NAT only allows for one single…

    • 1778 Words
    • 7 Pages
    Great Essays
  • Great Essays

    SOFTWARE REQUIREMENT SPECIFICATION Software development life cycle(SDLC) consists various phases: requirement gath- ering and analysis, design, implementation or coding phase, testing, deployment and maintenance. In this section, we specify the software requirements of the proposed EFFM system. This phase is critical to the success of the project. Requirement analy- sis is an art and science. In requirement gathering and ananlysis, customer expectations need to be eshed out in great detail and documented.…

    • 1824 Words
    • 8 Pages
    Great Essays
  • Improved Essays

    If network connectivity is lost to the domain controller that holds the AD credentials, the users will be unable to gain access to all of the systems that are attached to AD. Advantages and disadvantages using LDAP for SSO Using LDAP for single sign on can also make it very easy for system users to access multiple systems with one set of credentials. There are as many advantages as there are disadvantages when using LDAP for single sign on. The following are some of those advantages and disadvantages: Advantages of using LDAP for SSO 1. Since LDAP is pretty much standardized, there are many plugins that are readily available.…

    • 1172 Words
    • 5 Pages
    Improved Essays
  • Great Essays

    Given that the firm has to evaluate the need for information security, it becomes easy to establish control that will reduce security. According to Peltier (2016), information will also include the organization of the security system and the roles that various individuals will play. Determining the responsibility that members will execute and the ones which the departments are responsible facilitates coordination and therefore makes the policy effective. Issue Specific Security…

    • 1257 Words
    • 6 Pages
    Great Essays
  • Improved Essays

    Bridge Analysis

    • 807 Words
    • 4 Pages

    Their function is to detect an error and control the flow on the physical link. They look for the MAC addresses for Ethernet and Token Ring to determine whether or not to forward or ignore a packet. The Purpose of a Bridge are isolating networks by Mac address, manages network traffic by filtering packets and translate from one protocol to another. Hub is like a repeater. When a packet goes in one of the port, it gets duplicate inside…

    • 807 Words
    • 4 Pages
    Improved Essays
  • Great Essays

    Zigbee Case Study

    • 1223 Words
    • 5 Pages

    Depending on the ZigBee vendor this feature should be utilized by all the nodes in the network. • Source node authentication should be implemented across all the nodes if the ZigBee vendor supports it, this will help in the identification of the transmitting…

    • 1223 Words
    • 5 Pages
    Great Essays
  • Improved Essays

    Health Information Systems

    • 1279 Words
    • 6 Pages

    Conclusion The success of today 's healthcare care system can be traced to active healthcare management information systems. Therefore, when designing and planning healthcare reform initiatives, it is imperative to consider how they (initiatives) interplay with HMIS and interoperability. The HIT regulations provide the standards and certification requirements for the HMIS particularly the EHRs which are expected…

    • 1279 Words
    • 6 Pages
    Improved Essays