Impact of Data Classification Standard

In: Computers and Technology

Submitted By mohamedcid
Words 318
Pages 2
Impact of a Data Classification Standard The “Internal Use Only” data classification here at Richman Investments will include the User Domain, the Work Station Domain, and the LAN domain. These domains are the most basic IT Infrastructure domains, and they will cover all the users and workstations in the company. The “Internal Use Only” classification will cover information such as the company telephone directory, new employee training materials, and internal policy manuals. The User Domain defines the people who have access to a company’s information system. This domain contains all of the user information and will enforce an Acceptable Use Policy (AUP) that will define what each user has permissions to do with any company data that they may have access to. This domain is also the weakest link in any company’s infrastructure.
The Workstation Domain is where all the user information will be verified, and an account will be set up. They will need to have a user name and password that is assigned to them by the IT department, before they can access the systems, application or data. No personal devices or removable media will be allowed on the network, and all systems will undergo regular updates, and have anti-virus and anti-malware installed on each workstation for monitoring. There will also be an Access Control List (ACL) drawn up to define what access each individual will have on the network. The LAN domain includes all data closets and physical as well as logical elements of the LAN. This domain needs strong security, being that it is the entry and exit points to the wide area network, and makes private information easily accessible to anyone. Users will be screened and authorized by the IT department head and given a special access code. The biggest threat to the LAN domain is unauthorized access. This will be monitored closely to…...

Similar Documents

Impact of a Data Classification Standard

...IT-255 unit 1 assignment 2: impact of a data classification standard Hello everyone at Richman investments, I was s asked to write a brief report that describes the "internal use only" data classification standard of Richman investments. I will list a few of the IT infrastructure domains that are affected by the standard and how they are affecting the domain and their security here at Richman investments. * User domain The user domain defines the people who access an organizations information system. In the user domain you will find an acceptable use policy (AUP). An AUP defines what a user can and cannot do with organization-owned IT assets. It is like a rulebook that the employees must follow. Failure to follow these rules can be grounds for termination. The user domain is the weakest link in an IT infrastructure. Anybody who is responsible for computer security understand what motivates someone to compromise an organization system, application, or data. Now I am going to list risk and threats commonly found in the user domain and plans you can use to prevent them. Lack of user awareness - solution - conduct security awareness training, display security awareness posters, insert reminders in banner greeting, and send email reminders to employees. Security policy violation- solution - place employee on probation, review AUP and employee Manuel, discuss during performance review. Employee blackmail or extortion- solution - track and monitor abnormal employee......

Words: 681 - Pages: 3

Impact of Data Classification Standard

...Impact of a Data Classification Standard The “Internal Use Only” data classification here at Richman Investments will include the User Domain, the Work Station Domain, and the LAN domain. These domains are the most basic IT Infrastructure domains, and they will cover all the users and workstations in the company. The “Internal Use Only” classification will cover information such as the company telephone directory, new employee training materials, and internal policy manuals. The User Domain defines the people who have access to a company’s information system. This domain contains all of the user information and will enforce an Acceptable Use Policy (AUP) that will define what each user has permissions to do with any company data that they may have access to. This domain is also the weakest link in any company’s infrastructure. The Workstation Domain is where all the user information will be verified, and an account will be set up. They will need to have a user name and password that is assigned to them by the IT department, before they can access the systems, application or data. No personal devices or removable media will be allowed on the network, and all systems will undergo regular updates, and have anti-virus and anti-malware installed on each workstation for monitoring. There will also be an Access Control List (ACL) drawn up to define what access each individual will have on the network. The LAN domain includes all data closets and physical as well as......

Words: 413 - Pages: 2

Impact of a Data Classification Standard

...Impact of a Data Classification Standard Sir: The following IT infrastructure domains that are being affected by the “Internal Use Only” data classification are: the user domain, the workstation domain, the LAN to WAN domain, and the remote access domain. Each of these has their own sets of problems. I will describe each problem for each domain and make a recommendation on how to rectify the situation. The user domain is where the access rights for each employee starts. I observed that many of the employees were not following the company’s policies of securing data. When questioned several of the employees stated that they were not aware of the policies. I would recommend that there is a semiannually security awareness training conducted for all employees. I also noted that there were quite a few individuals using personal USB drives with personal photos, music, and documents on them. I would recommend that each time an employee plugs in a personal device to a computer that an automatic scan occur with no way for the employee to stop the scan. The workstation domain is the second domain that I observed data compromising occurring. In my observations I noticed that many of the employees do not log off or lock their computer screens when they are away from their computer thereby making it easy for anyone to walk by and have access to the information they are authorized to use. I have several recommendations for this. One is to post a memo reminding......

Words: 496 - Pages: 2

Impact of a Data Classification Standard

...administrators to place security measures against unauthorized use, access, modification, loss and deletion. Richman Investments Client’s social security numbers, credit/debit card numbers, personal account numbers must be protected by law. The purpose of this report is to describe the “Internal Use Only” standards set by Richman Investments, the information obtained for this report consist of a study done on three of the seven layers of our IT infrastructure so you may understand our security policy’s and understand it importance. The seven domains is consist of; User Domain, LAN Domain, LAN-to-WAN Domain, Workstation Domain, Remote Access Domain, WAN Domain, and System/Application Domain. Each one requires proper security controls and meet the requirements of the A-I-C triad. The following is an overview of just three infrastructure domains that are in this “Internal Use Only” report, The User Domain, the Workstation Domain and the LAN Domain. The User Domain identifies which people can access the information and contains all of the user’s information records. Employees at Richman Investments must follow the rulebook that defines what each user can and cannot do with the company’s data. The Workstation Domain is where all the user information will be verified from, and then approved on the company network. On the workstation domain, the staff should have the necessary access to be productive; they will need to have a user name and password that is assigned to......

Words: 386 - Pages: 2

Impact of a Data Classification Standard

...Impact of a data classification standard The "Internal Use Only" data classification standard at Richman Investments will include the most basic IT infrastructure domains to include the User Domain, Workstation Domain, and the LAN Domain. This will encompass all users and their workstations, as well their access to the internet and company server databases and any information in between. The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data shall he or she have access to it. As well as with company users, any outside contractor or third-party representatives shall also need to agree and comply with the AUP. All users must be properly identified and sign this AUP prior to gaining any access whatsoever to the company network. No exceptions. Any violation will be taken up with company executives and/or the authorities to assess further punitive action. The Workstation Domain includes all workstations approved on the company network. No personal devices or removable media may be used on this network. All devices and removable media will be issued by the company for official use only. To access any workstation, a user will need to be first verified, then setup with an account to be logged in with a username and pass code adhering to the IT departments set standards. All systems will undergo regular updates and be provided with anti-virus and anti-malware software for system monitoring. Access Control......

Words: 328 - Pages: 2

Impact of Data Classification Standard

...Impact of Data Classification Standard and Internal Use Only Data classification standard provides the means of how the business should handle and secure different types of data. Through security controls different data types can be protected. All these security controls should apply to each of every IT infrastructure in which it will state how the procedures and guidelines will guarantee the organization’s infrastructures security. This report will identify the definition of “Internal Use Only” data classification standard of Richman Investments. Internal Use Only includes information that requires protection from unauthorized use, disclosure, modification, and or destruction pertaining to a particular organization. This report will tackle 3 IT infrastructure including workstation domain, LAN-Wan Domain, and Remote Access Domain. Internal Use Only data includes data related to business operations, finances, legal matters, audits, or activities of a sensitive nature, data related to stake holders, information security data including passwords, and other data associated with security related incidents occurring at the business company, internal WCMC data, the distribution of which is limited by intention of the author owner or administrator. For the Workstation Domain, the impact of data classification standard internal use only can possibly applied when a user violates AUP and generates security hazard for the establishment’s IT infrastructure. In order to prevent......

Words: 596 - Pages: 3

Impact of a Data Classification Standard

...Internal use only data classification would include the User domain, the workstation domain, and the LAN domain. These domains are the basic IT infrastructure domains, and they will cover all the users and workstations in the company. The Internal use only classification will cover info such as telephone directory, internal policy manuals, and new employee training material. The user domain is where only one user will have access to it. This can be configured to internal use only. By default, the IT department tries to maintain a certain level of Security for this, so that nobody can access from the outside, only the IT Department can grant access privilege for Remote Access Point. The User Domain will enforce an acceptable use policy to define what each user can and cannot do with any company data that he or she has access to. Also, every user on the company is responsible for the security of the environment. The Workstation Domain, the impact of data classification standard internal use only can possibly applied when a user violates AUP and generates security hazard for the establishment’s IT infrastructure. In order to prevent something like this from happening, the Richman Investments can hire a professional to train all employees for a security awareness campaign and programs throughout the year The LAN domain includes all data closets and physical as well as logical elements of the LAN. This domain needs strong security, being that it is the entry and exit points......

Words: 300 - Pages: 2

Impact of a Data Classification Standard

...Three IT infrastructure domains that are affected by the standard and are affected by “Internal Use Only” are the User, Workstation and LAN domain. The user domain is made up of the people who can access the information with an AUP. This domain is considered one of the weakest and most affected for several reasons, but mostly the lack of user awareness. The second is the workstation domain. This domailn is made up of the devices that employees use to connect to the IT infrastructure. This domain requires a strong security and controls because this is where users first access the system. If you can have unauthorized user access situation; make sure you have a strong password and screen lockout policy in place. If you have any software vulnerabilities or software patch updates that are needed; make sure you have the workstation OS vulnerability window policy in place so to it can be consistently monitored and updated. And the third domain is the Local Area Network domain. The LAN Domain is a collection of computers connected to one another or to a common medium. All LAN domains include data closets, physical elements of the LAN, as well as logical elements as designated by authorized personnel and requires a strong security and access controls. This domain can access company-wide systems, applications, and data from anywhere within the LAN. The LAN support group is in charge maintaining and securing this domain. The biggest threat to the LAN domain is......

Words: 286 - Pages: 2

Impact of a Data Classification Standard

...Following are three important “Internal Use Only” data classification standards of Richman Investments: 1. User Domain – This layer is by far the most vulnerable portion of any IT infrastructure. Without restrictions and education a user would have free rein to expose a network to a myriad of security risks. Richman Investments is not immune to this blight. For this reason, special attention is given to precautions for and education of users. Domain administrators have processes in place to monitor user activity and limit access to portions of the domain. These rules are defined under the acceptable use policy. This policy outlines what users are allowed to do with the company data that they have access to. Above all, users are accountable for their own actions. They are expected to secure their physical and virtual environment to the best of their abilities. 2. Workstation Domain – Another integral part of the overall security of any network. This domain is the access to the local area network via something like a NIC card. It is accomplished through some type of verification as a deterrent to hackers. Here is Richman Investments we have a multi-level security system in place. First, to access any area that contains a workstation at least one door requiring a key card will need to be entered. Next, at the workstation your username has been replaced by biometrics via your thumbprint. With the print you will have to enter your password. Password requirements include: at......

Words: 454 - Pages: 2

Impact of a Data Classification Standard

...Data Classification Standard is a guideline of how a business or organization should handle as well as secure their different array of data. With this particular report it will describe the “Internal Use Only” data of an Investment firm. Internal use only should tell you that this is information that is seen by employees of a company and no one else. There are 3 domains that could be under this umbrella of internal use only these would be the User Domain, Workstation Domain and the LAN domain. First we have the User Domain which defines the employees that will access the company’s information systems. This particular domain is the weakest link in the domain infrastructure due the users on this system that don’t think about the vulnerabilities and threats which include lack of user awareness, apathy towards policies, policy violations, downloads of personal or files that could malicious. Each of these risks is presented on an everyday basis that could compromise a company’s internal data. Secondly, you have the workstation domain, which is the domain where most of the users connect to the organizations infrastructure. This domain should require very tight security as well as access rights. Meaning, each user on the domain should only have the right to access what they need to be able to do their job productively and no more. This will have an impact in lowering the chance of breach in security. Some threats with this domain include; Unauthorized access to workstations...

Words: 417 - Pages: 2

Nt2580 - Unit 1 Assignment 2: Impact of a Data Classification Standard

...Nt2580 - Unit 1 Assignment 2: Impact of a Data Classification Standard Unit 1 Assignment 2: Impact of a Data Classification Standard * User Domain This Domain is where only one user will have access to it. This can be configured to internal use only. By default, the IT department tries to maintain a certain level of Security for this, so that nobody can access from the outside, only the IT Department can grant access privilege for Remote Access Point. The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data that he or she has access to. Also, every user on the company is responsible for the security of the environment. * Workstation Domain Workstation Domain is where all the users work. Before a user can log into the machine, he/she will need to be verified in order to gain access. At Richman Investments, we provide very secure access for the employee workstations with a username and password. A security protocol requires the password to be changed every 30 days. All computers maintain regular updates and continuous antivirus protection for monitoring. Additionally, no personal devices are allowed on the network. * LAN Domain The Local Area Network (LAN) Domain is a group of computers all connected to a single LAN domain. The LAN Domain is a collection of computers connected to one another or to a common medium. All LAN domains include data closets, physical elements......

Words: 341 - Pages: 2

Impact of a Data Classification Standard

...Impact of a Data Classification Standard This report is to identify the IT infrastructure domains that affect the “Internal Use Only” data classification standard of Richman investment and go into details as to how each domain is affected. User Domain The first domain that affects this standard is the user domain and also maybe one of the more vulnerable of the IT infrastructure. User domain consists of the people that accesses Richman’s information system. Users at this level are expected to be responsible for the information they access here at Richman, but because that is not always the cause, Richman will have in place an acceptable use policy (AUP). The AUP will, in detail, define what information which users are allow to access and also what they are allowed to do with that information. Richman Investments deal mostly with customer’s financial records, so anyone with that violates Richman’s AUP and poses a threat to the company information and could faces immediate dismissal. Workstation Domain The workstation domain is the second domain affected by the “Internal Use Only” standard. This is where users will access the network via some type of device such as desktop, laptop, tablet, smart phone, etc. It is very important that IT department keep workstations update to date with latest and relevant software updates, security patches, and antivirus/malware protection. The workstations will be accessible with a user define password that must meet password......

Words: 385 - Pages: 2

Impact of a Data Classification Standard

...nobody can access from the outside, only the IT Department can grant access privilege for Remote Access Point. The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data that he or she has access to. Also, every user on the company is responsible for the security of the environment. * Workstation Domain Workstation Domain is where all the users work. Before a user can log into the machine, he/she will need to be verified in order to gain access. At Richman Investments, we provide very secure access for the employee workstations with a username and password. A security protocol requires the password to be changed every 30 days. All computers maintain regular updates and continuous antivirus protection for monitoring. Additionally, no personal devices are allowed on the network. The User domain, or employees, can be vulnerable in many ways. Lack of awareness, apathy towards security policies, downloading of unauthorized software, blackmail and bad relationships or more. Workstation domain, computer systems and units on company property, can be compromised by unauthorized access, viruses or malware. LAN domain compromising from unauthorized access to wiring closets, data centers & servers. System/Application domain, company proprietary software or employee records & financial information, can be affected. These means are more difficult due to hackers having to "physically" be on the......

Words: 581 - Pages: 3

Impact of Data Classification Standard

...the standard and are affected by "Internal Use Only" are the User, Workstation and LAN domain. The user domain is made up of the people who can access the information with an AUP. This domain is considered one of the weakest and most affected for several reasons, but mostly the lack of user awareness. The second is the workstation domain. This domailn is made up of the devices that employees use to connect to the IT infrastructure. This domain requires a strong security and controls because this is where users first access the system. If you can have unauthorized user access situation; make sure you have a strong password and screen lockout policy in place. If you have any software vulnerabilities or software patch updates that are needed; make sure you have the workstation OS vulnerability window policy in place so to it can be consistently monitored and updated. And the third domain is the Local Area Network domain. The LAN Domain is a collection of computers connected to one another or to a common medium. All LAN domains include data closets, physical elements of the LAN, as well as logical elements as designated by authorized personnel and requires a strong security and access controls. This domain can access company-wide systems, applications, and data from anywhere within the LAN. The LAN support group is in charge maintaining and securing this domain. The biggest threat to the LAN domain is Un-authorized access to anything (the LAN, the systems, & the data)......

Words: 286 - Pages: 2

Impact of a Data Classification Standard

...I have identified at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. The infrastructure at Richman Investments will include the basic domains as the User Domain, Workstation Domain, and the LAN Domain. This should cover all the users and access to the internet and everything in between. • User Domain The User Domain defines the people who access an organization’s information system. The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data shall he or she have access to it. Its like a rulebook that employees must follow. Users are responsible for their use of IT assets. The User Domain is the weakest link in the IT infrastructure. Any user responsible for computer security must understand what brings someone to compromise the data of an organization. • Workstation Domain The Workstation Domain is where must users are approved on the company network. On the workstation domain, the staff should have the necessary access to be productive. To access any workstation, a user will need to be first verified, then setup with an account to be logged in with a username and password assigned by the IT departments set by Richman Investments. All computers have maintain regular updates and continuous antivirus protection for monitoring. Also, no personal devices will be allowed on the network. • LAN Domain The local area network (LAN) Domain is a collection...

Words: 340 - Pages: 2

Cosmos A Spacetime Odyssey | John Ortiz | Economics and Free Market Economy