Continuing Case Study Chapter 8

School: Regent University
Course: 406
Subject: Information Systems
Date: Jun 22, 2024
Type: docx
Pages: 3
Uploaded by GeneralFreedomDinosaur4458

1. For the prototype user interface, design a switchboard that leads from the main sections to sub-sections of related system tasks. The main sections may include member information, registration, payments, fitness instructors, and any other top-level sections necessary for Personal Trainer’s system. Subsections may include account information, class registration, schedules, and class rosters. Prepare storyboards that show the proposed screens, including at least two sublevel tasks for each action.

[Figure: switchboard storyboard for Personal Training INC. Screen labels: Member Information, Registration, Payments, Fitness Instruction, Account Information, Class Registration, Schedules, Class Roster, Submit]

4. Personal Trainer is very concerned about the security and protection of the information they collect in the new information system. Prepare a memo to Gray and Personal Trainer’s staff that explains the input and output security controls that will be built into the new systems and the policies that will enforce these controls.

Subject: Information System Security Controls and Policies
To: Gray and Personal Trainer’s Staff
From: Susan Park
Date: June 16, 2024

Dear Team,

I am writing to emphasize the critical importance of security and protection for the information we collect in our new information system. Safeguarding the confidentiality, integrity, and availability of this data is paramount to our operations. To achieve this, we are implementing stringent security controls and enforcing policies to govern these measures. Please take a moment to acquaint yourself with these protocols.

Input Security Controls:
Data Encryption: All data exchanged between your application and our information system will be encrypted using industry-standard protocols to prevent unauthorized interception.
Access Controls: Access to the system will be restricted through role-based permissions, so that only authorized personnel can enter data. This is further supported by multi-factor authentication to secure logins to the system.
Data Validation: Input data will be strictly validated so that no malicious or incorrect data can be fed to the system.
Audit Trails: An audit trail of all data inputs will be maintained, providing a record of the changes made within the system.

Output Security Controls:
Data Encryption: As with input data, all data fetched from the system will be encrypted to keep it safe during transmission.
Access Controls: Role-based access controls will make specific output data types available only to authorized persons.
Data Masking: Sensitive data will be masked or redacted whenever necessary to prevent unauthorized exposure.
Secure File Transfer: Wherever reports or data need to be shared externally, appropriate secure protocols and methods will be applied to the information in transit.

Security Policies:
Data Classification: Data will be ranked by sensitivity, and access controls will be implemented in line with those rankings.
Password Policies: Password policies requiring regular changes and complexity will be implemented.
Data Retention: Clearly articulated data retention policies will define exactly the kinds of information maintained, how long we may retain them, and when they should be securely disposed of.
Incident Response: A clearly outlined incident response plan will provide for the effective handling of security breaches or incidents, should they occur.
Training and Awareness: Ongoing training and awareness efforts will ensure that every responsible person has the information needed to safeguard his or her information or the company’s property.

Let us note that these security measures are in place not to slow you down but to safeguard our clients’ and our institution’s data. It is the duty of all of us to help keep the place safe.

I appreciate your prompt consideration in this matter. Thank you for your attention to this matter.

Sincerely,
Susan Park