A. Recommend changes (i.e., modifications, insertions, or deletions) to the attached Service Level Agreement to better protect Finman's data and intellectual property.
Section 3 Background and Rationale Modifications:
Finman views this SLA as a groundbreaking venture to harness the diverse array of IT-borne customer demands and opportunities that cannot be met by adhering to traditional paradigms. Finman's objectives in the SLA are to compete more effectively in a highly competitive industry by offering its customers a unified IT management plan across an entire organization or even, if the customer wishes, across separate departments and divisions. Datanal, utilizing sophisticated data-mining software developed by Minertek, will recognize and integrate common IT characteristics from disparate operations, programs, procedures, and products, even those located in separate and unrelated service areas. This enables the customer to reduce or eliminate duplicate, parallel systems, to achieve economies of scale, and to open new opportunities. The consolidation of assets will require a review of existing hardware systems, applications, and network authentication processes. Datanal will establish an Access Control List (ACL) system and create Group Policies (GP) to provide authentication and authorization for users of network resources. Establishment of a Third Party Verification (TPV) process for users will provide confidentiality and integrity to meet current industry standards. Data storage integrity shall be reviewed and a backup solution established that is compliant with industry standards. Datanal will ensure that Information Security (IS) is improved to be compliant with International Trade Agreements, Federal patient laws, copyright laws and fair trade agreements.
30 May 2011
1. Justify how your recommendations will limit use, sharing, retention, and destruction of Finman's corporate data by Datanal and Minertek.
ITIL, now known as Best Management Practice (BMP), provides Information Technology Security Management (ITSM) recommendations based on ISO 27000 series standards. These best practices established by BMP create a framework for Information Security Management (ISM). A four-pronged approach to ISM includes Communication Awareness Training, Risk Management, Firewall (Spam filters), and Vendors Manufacturing Agents. (Clinch, J. (2009, May)) The first step would be Communications Awareness training for all users using assets on the network. This would include Information Assurance (IA), basic computer and threat prevention training during the migration to CAC card and AD implementation. A user agreement and supervisor network access request form would be submitted for all users with proof of IA training. This agreement would state user responsibilities and penalties for violation of said agreement. Datanal will provide documentation and training resources to be distributed to all Finman organizations. Second, risk management would include the creation of auditing processes, data backup, and recovery strategies. Evaluation and modification of existing Host Based Intrusion Detection System (HBIDS) and virus detection software programs must be completed. If these systems are not in place, a plan for implementation would be established. Data backup and recovery systems would be evaluated to include a total solution with established disaster recovery plans and restoral processes. This would include documentation of all security tasks, audit logs and associated risks or threats. A data retention/storage program stating the length of time data is stored and how it is ultimately disposed of must be established. Third, hardware devices such as firewalls, routers, proxy firewalls, computer based firewalls and Intrusion Detection and Protection Systems (IDPS) must be in place at all
By Thomas A. Groshong Sr RLHT_Task3_2011-05-30.docx
2. Justify how your recommendations will assure that Finman's property, patents, copyrights, and other proprietary rights are protected.
There are three basic ISM concepts: Availability, Confidentiality, and Integrity. (Clinch, J. (2009, May)) By implementing ACLs, GPs, and TPV, much of the ISM work is done. An application such as Active Directory (AD) to create user accounts and security groups for the entire Finman organization would be a good approach. Accounts would be created for each user, and permissions to the network assigned based on their association or group membership. AD can be created for a company's Wide Area Network (WAN) environment to include multiple Domains and across Local Area Networks (LANs). This system can be managed locally and/or remotely for a 24/7 operation if needed. Each user would receive a Common Access Card (CAC) for TVL purposes that would hold certificates for personal identification and authentication. Users would gain access to the network using the CAC and a Personal Identification Number (PIN) that is individually assigned and controlled. ACLs would prevent users from accessing network data or systems they are not authorized to access, and GPs would provide the process to manage the network systems or services along organizational structures. Virtual Private Networks (VPNs) would be established for offsite access to the LAN and would be limited to Finman provided and Datanal configured computers. Wireless access within the confines of Finman properties will be limited in scope to Finman assets and require WPA2 encryption and RADIUS server access using CAC authentication. (SANS Institute, Initials. (n.d.))
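The access rules in the paragraph above can be written as a single default-deny decision function. This is an added illustration, not part of the original paper or of any Finman, Datanal or Minertek system; the group names, resource names, users and the `Request`/`decide` names are hypothetical.

```python
from dataclasses import dataclass

# Constructed sample data: groups, resources and users are hypothetical.
ACL = {  # resource -> security groups on its ACL (anything unlisted is denied)
    "patent-filings": {"Finman-Legal"},
    "customer-it-inventory": {"Finman-Ops", "Datanal-Analysts"},
}
GROUPS = {  # user -> security group memberships, as AD would hold them
    "alice": {"Finman-Legal"},
    "dmitri": {"Datanal-Analysts"},
}

@dataclass
class Request:
    user: str
    resource: str
    cac_pin_ok: bool                  # CAC certificate validated and PIN entered
    path: str                         # "lan", "vpn" or "wireless"
    finman_asset: bool = False        # device provided by Finman
    datanal_configured: bool = False  # device configured by Datanal
    wpa2: bool = False
    radius_cac: bool = False          # RADIUS authentication backed by the CAC

def decide(req: Request) -> tuple[bool, str]:
    """Return (allowed, reason). Every rule must pass; unknown input is denied."""
    if not req.cac_pin_ok:
        return False, "CAC and PIN authentication required"
    if req.path == "vpn":
        if not (req.finman_asset and req.datanal_configured):
            return False, "VPN limited to Finman-provided, Datanal-configured computers"
    elif req.path == "wireless":
        if not (req.finman_asset and req.wpa2 and req.radius_cac):
            return False, "wireless requires Finman asset, WPA2 and RADIUS CAC authentication"
    elif req.path != "lan":
        return False, "unknown access path"
    # Group-based ACL check: the user needs at least one group on the resource ACL.
    if not (GROUPS.get(req.user, set()) & ACL.get(req.resource, set())):
        return False, "no group on the resource ACL"
    return True, "permitted by group membership"
```

Returning the reason alongside the decision gives the audit logs described under risk management something concrete to record for each denial.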