Corporate Proposal V Security Guidelines
docx
keyboard_arrow_up
School
Grand Canyon University *
*We aren’t endorsed by this school
Course
121
Subject
Information Systems
Date
Dec 6, 2023
Type
docx
Pages
2
Uploaded by MateComputerOtter50
As Canyon Aeronautics grows, we will need to address security concerns. We will focus
on a few aspects of security. The securities we will focus on will include physical, logon access,
appropriate usage, anti-virus protection, auditing, and updates and patches as well. By adding
these polices we can ensure that data and all systems will be protected.
Physical Security
To be able to secure our information we will need to have complete background checks
on every employee before hiring them. Since we are working for the government, we will need
to make sure everyone due not have a criminal background because of potential secret
classification. After the background check, each hired employee will be given an access card to
enter headquarters. There will be a running list that is updated on who can enter the building
which should be everyone. As for the server room and IT Department, there is an additional list
that will be required of who can access the offices and server rooms. Also, there will be a CCTV
system in place to ensure extra security.
Logon Access
Once a new hire is on board and all the paperwork has been processed, the system
administrators will review their information and create their accounts in Active Directory and
give them permission to the area they are working in. For an engineer employ, they will not have
access to files for human resources because this is not there are where they are working. When
the user account is created, they will be given a temporary password, and logging in for the first
time they will need to create a new password at least a minimum of 8 characters, they will need
to have complex as well such as adding a number and/or a special character (!). Passwords will
be set to be changed every 90 days and will have and will not be allowed to use previous
passwords from previous times in a calendar year. Login screens will be set to log off after 10
minutes of non-usage. Lastly, every 60 days all inactive accounts will be reviewed and removed
appropriately per policy. If a user is teleworking, there will be additional paperwork to be filed so
their accounts are not disabled or deleted.
Appropriate Usage
The system administrators will ensure appropriate usage of the network will be satisfied
by using monitoring tools for the network. For users on the other hand, system administrators
will create group policies so users are not accessing applications which could have deter mental
consequences. This means by creating group policies to disable command prompt, remove the
run function which users can change the registry, and disable control panel as well. A group
policy will also be in place so users will not be able to access sites for gaming or any other sites
deemed inappropriate.
Anti-Virus
The anit-virus software will be running continuously to ensure threats are detected and
taken care of swiftly. Having restrictions on gaming and inappropriate sites as stated above will
help deter this issue as well. The system administrators will use daily, weekly, and monthly
preventive maintenance to ensure data is always protected. They will be looking at logs off
system events and other tools to ensure everything is working smoothly.
Updates/patches
To continue to battle any outside threats, system administrators will be completing
updates and patches. This will only be done with an administrative user, where they will go to
system settings and click on Update and Security. They will see if any updates need to be
installed let notify all users through a group policy, they are doing updates and may see
degradation to the system.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help