Free Essay

Policy Definition & Data Classification

In: Computers and Technology

Submitted By schit
Words 487
Pages 2
8/1/2015

NT2580 Unit 7 Policy Definition and Data Classification Standard : NT 2580 : ITT Tech : Homework





NT2580 Unit 7 Policy Definition and Data
Classification Standard
Home  ITT Tech  NT  NT 2580  NT2580 Unit 7 Policy Definition and Data Classification Standard



You have successfully unlocked this document. You have 24 more unlocks



available.

Was this document helpful?
 Yes




Download Document

http://www.coursehero.com/file/11610135/NT2580­Unit­7­Policy­Definition­and­Data­Classification­Standard/?timestamp=20150801105100

1/6

8/1/2015

NT2580 Unit 7 Policy Definition and Data Classification Standard : NT 2580 : ITT Tech : Homework

Share and earn access



CorporalStarViper9176
ITT Tech
Follow

3

 1787

 302

http://www.coursehero.com/file/11610135/NT2580­Unit­7­Policy­Definition­and­Data­Classification­Standard/?timestamp=20150801105100

2/6

8/1/2015

NT2580 Unit 7 Policy Definition and Data Classification Standard : NT 2580 : ITT Tech : Homework





VIEWS

UNLOCKS

0

1





HELPFUL

UNHELPFUL

0

0

About this Document
SCHOOL

ITT Tech
COURSE

NT 2580, Summer 2014
COURSE TITLE

Introduction to Information Security
PROFESSOR

MR J
TYPE

Homework
PAGES

1
WORD COUNT

206
Is this correct?
 Flag

Get Help in NT 2580

http://www.coursehero.com/file/11610135/NT2580­Unit­7­Policy­Definition­and­Data­Classification­Standard/?timestamp=20150801105100

3/6

8/1/2015

NT2580 Unit 7 Policy Definition and Data Classification Standard : NT 2580 : ITT Tech : Homework

Ask our Tutors a Question...

Select a Subject: *
Select a Subject

Due Date and Time: *
Due Date



Any



Attach File(s):
Upload File(s)

0 file(s) attached

Get Answer

Leave a Comment (0)

Leave your comment here...

Submit

Cancel

Related Documents from NT 2580

http://www.coursehero.com/file/11610135/NT2580­Unit­7­Policy­Definition­and­Data­Classification­Standard/?timestamp=20150801105100

4/6

8/1/2015

NT2580 Unit 7 Policy Definition and Data Classification Standard : NT 2580 : ITT Tech : Homework

64 pages

2 pages

1 pages

Scan Report August
25 2014 Summary

Megan Richmond
Julia Munoz GS2745

Screenshot (6)

Screenshot (1)

ITT Tech

ITT Tech

This document reports on the

Unit 6 Lab 2 Budget
Exercise 1272015 The

NT 2580

NT 2580

results of an

ITT Tech

Fall 2014

Fall 2014

ITT Tech

NT 2580

NT 2580

Fall 2014

Fall 2014
Scan Report August 25,
2014 Summary This document reports on

Megan Richmond Julia
Munoz GS2745-Unit 6
Lab 2: Budget Exercise
1/27/2015 The

 Prev

Next 

Company

Careers

About Us

Our Team

Blog

Jobs

Sitemap

Internship

Help

Legal

Contact Us

Copyright Policy

FAQ

Privacy Policy

Feedback

Terms of Use

http://www.coursehero.com/file/11610135/NT2580­Unit­7­Policy­Definition­and­Data­Classification­Standard/?timestamp=20150801105100

5/6

8/1/2015

NT2580 Unit 7 Policy Definition and Data Classification Standard : NT 2580 : ITT Tech : Homework

Copyright © 2015. Course Hero, Inc.
Course Hero is not sponsored or endorsed by any college or university.

http://www.coursehero.com/file/11610135/NT2580­Unit­7­Policy­Definition­and­Data­Classification­Standard/?timestamp=20150801105100

6/6…...

Similar Documents

Premium Essay

Impact of a Data Classification Standard

...IT-255 unit 1 assignment 2: impact of a data classification standard Hello everyone at Richman investments, I was s asked to write a brief report that describes the "internal use only" data classification standard of Richman investments. I will list a few of the IT infrastructure domains that are affected by the standard and how they are affecting the domain and their security here at Richman investments. * User domain The user domain defines the people who access an organizations information system. In the user domain you will find an acceptable use policy (AUP). An AUP defines what a user can and cannot do with organization-owned IT assets. It is like a rulebook that the employees must follow. Failure to follow these rules can be grounds for termination. The user domain is the weakest link in an IT infrastructure. Anybody who is responsible for computer security understand what motivates someone to compromise an organization system, application, or data. Now I am going to list risk and threats commonly found in the user domain and plans you can use to prevent them. Lack of user awareness - solution - conduct security awareness training, display security awareness posters, insert reminders in banner greeting, and send email reminders to employees. Security policy violation- solution - place employee on probation, review AUP and employee Manuel, discuss during performance review. Employee blackmail or extortion- solution - track and monitor abnormal employee......

Words: 681 - Pages: 3

Premium Essay

Iss Data Classification Standards.Docx

...ISS Data Classification Standards: Governance is the set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risks are managed appropriately and verifying that the enterprise's resources are used responsibly. Information Security Governance or ISG is a subset discipline of Corporate Governance focused on information Security systems and their performance and risk management. A security policy is an overall general statement produced by senior management (or a selected policy board or committee) that dictates what role security plays within the organization. There are three types of policies; regulatory, advisory, and informative. There are also three types of security policies; organizational, issue specific and system specific. Standards refer to mandatory activities, actions, rules, or regulations. Also standards can give a policy its support and reinforcement in direction. Standards could be internal, or externally mandated as well. Procedures are detailed step-by-step tasks that should be performed to achieve a certain goal such as procedures on how to install operating systems, configure security mechanisms, implement access control lists, set up new user accounts, assign computer privileges, etc… Procedures are considered the lowest level in the policy chain because they are closest to the computers and users If a policy states that all...

Words: 626 - Pages: 3

Premium Essay

Impact of a Data Classification Standard

...Impact of a Data Classification Standard Sir: The following IT infrastructure domains that are being affected by the “Internal Use Only” data classification are: the user domain, the workstation domain, the LAN to WAN domain, and the remote access domain. Each of these has their own sets of problems. I will describe each problem for each domain and make a recommendation on how to rectify the situation. The user domain is where the access rights for each employee starts. I observed that many of the employees were not following the company’s policies of securing data. When questioned several of the employees stated that they were not aware of the policies. I would recommend that there is a semiannually security awareness training conducted for all employees. I also noted that there were quite a few individuals using personal USB drives with personal photos, music, and documents on them. I would recommend that each time an employee plugs in a personal device to a computer that an automatic scan occur with no way for the employee to stop the scan. The workstation domain is the second domain that I observed data compromising occurring. In my observations I noticed that many of the employees do not log off or lock their computer screens when they are away from their computer thereby making it easy for anyone to walk by and have access to the information they are authorized to use. I have several recommendations for this. One is to post a memo reminding......

Words: 496 - Pages: 2

Premium Essay

Data Classification Standard

...There are three domains that are affected by an “Internal Use Only” data classification standard. The three domains most affected by the classification are the: User domain, Workstation domain, and LAN domain. ​The User Domain: * Is made up of the people who can access the information system. With an AUP (Acceptable Use Policy) for this domain, any third party that requires access to the network must sign an AUP and a confidentiality agreement. This domain is considered one of the weakest and the most affected for a few reasons. 1st is the lack of user awareness to correct this you should conduct security training with all personal. 2nd if you have obvious security violations after that training then you need to place the employees on probation and review the AUP. 3rd when users are downloading various different files that do not conform to the established security guidelines then enabling content filtering and automatic antivirus scans would be wise. ​The Workstation Domain: * Is made up of the devices that employees use to connect to the IT infrastructure. Availability for this domain is necessary so that all employees can easily access any tools needed to perform their work duties. This domain requires strong security and controls because this is where users first access the system. It is also where sizeable damage to system can occur. Here are some problems the can happen with some corrective solutions. If you can have unauthorized user access......

Words: 441 - Pages: 2

Premium Essay

Data Classification

...Carlos L. Valverde NT2580 Unit1/Assignment 2 03/25/13 Impact of a Data Classification Standard “Internal Use Only” This is my brief report on the IT infrastructure domain. I will be describing the “internal use only “data classification standards set by Richman Investments. The user domain is the first layer of the IT infrastructure I will discuss that is affected by the “internal use only” standard. It is the first layer and what some believe to be the weakest in the infrastructure. The user domain is where personal information is created and obtained for internal use only. Each person will have set permissions on what they can and cannot do. This way no one person can mess up or delete anything that doesn’t need to be (Jones and Bartlett Learning). The work station domain is the second layer of the infrastructure that I will discuss. This is also affected by the “internal use only” standard. This layer is where the user can access the network and any applications or information on the system. This requires a user to login with a password or authentication of some kind. This has to be done before this person can get to this information. This will help keep people out that aren’t supposed to be accessing the information (Jones and Bartlett Learning). The LAN to WAN domain is the third layer of the infrastructure I will discuss. I feel this is also affected by the “internal use only” standard. The......

Words: 340 - Pages: 2

Premium Essay

Data Classification Plan

...Data Classification Policy I. PURPOSE The purpose of this data classification policy is to provide a system for protecting information that is critical to the organization. All workers who may come into contact with confidential information are expected to familiarize themselves with this data classification policy and to consistently use it. II. POLICY The organizations data classification system has been designed to support the need to know so that information will be protected from unauthorized disclosure, use, modification, and deletion. Consistent use of this data classification system will facilitate business activities and help keep the costs for information security to a minimum. Without the consistent use of this data classification system, Company X unduly risks loss of customer relationships, loss of public confidence, internal operational disruption, excessive costs, and competitive disadvantage. Applicable Information: This data classification policy is applicable to all information in the Company X s possession. For example, medical records on patients, confidential information from suppliers, business partners and others must be protected with this data classification policy. No distinctions between the word data , information , knowledge, and wisdom are made for purposes of this policy. Consistent Protection: Information must be consistently protected throughout its life cycle, from its origination to its destruction. Information......

Words: 540 - Pages: 3

Premium Essay

Impact of Data Classification Standard

...Impact of Data Classification Standard and Internal Use Only Data classification standard provides the means of how the business should handle and secure different types of data. Through security controls different data types can be protected. All these security controls should apply to each of every IT infrastructure in which it will state how the procedures and guidelines will guarantee the organization’s infrastructures security. This report will identify the definition of “Internal Use Only” data classification standard of Richman Investments. Internal Use Only includes information that requires protection from unauthorized use, disclosure, modification, and or destruction pertaining to a particular organization. This report will tackle 3 IT infrastructure including workstation domain, LAN-Wan Domain, and Remote Access Domain. Internal Use Only data includes data related to business operations, finances, legal matters, audits, or activities of a sensitive nature, data related to stake holders, information security data including passwords, and other data associated with security related incidents occurring at the business company, internal WCMC data, the distribution of which is limited by intention of the author owner or administrator. For the Workstation Domain, the impact of data classification standard internal use only can possibly applied when a user violates AUP and generates security hazard for the establishment’s IT infrastructure. In order to prevent......

Words: 596 - Pages: 3

Premium Essay

Impact of a Data Classification Standard

...Internal use only data classification would include the User domain, the workstation domain, and the LAN domain. These domains are the basic IT infrastructure domains, and they will cover all the users and workstations in the company. The Internal use only classification will cover info such as telephone directory, internal policy manuals, and new employee training material. The user domain is where only one user will have access to it. This can be configured to internal use only. By default, the IT department tries to maintain a certain level of Security for this, so that nobody can access from the outside, only the IT Department can grant access privilege for Remote Access Point. The User Domain will enforce an acceptable use policy to define what each user can and cannot do with any company data that he or she has access to. Also, every user on the company is responsible for the security of the environment. The Workstation Domain, the impact of data classification standard internal use only can possibly applied when a user violates AUP and generates security hazard for the establishment’s IT infrastructure. In order to prevent something like this from happening, the Richman Investments can hire a professional to train all employees for a security awareness campaign and programs throughout the year The LAN domain includes all data closets and physical as well as logical elements of the LAN. This domain needs strong security, being that it is the entry and exit points......

Words: 300 - Pages: 2

Premium Essay

Data Classification

...Minimal ANN (MANN) model for Data Classification Gunanidhi Pradhan, Bhubanananda Orissa School of Engineering, Cuttack gunanidhi_p@rediffmail.com Gadde Vyshnavi Kalyan,Final Yr IT,ANITS vyshv.sanjana@gmail.com Suresh Chandra Satapathy, MIEEE, Anil Neerukonda Institute of Technology & Sciences (ANITS), Vishakapatnam Dist sureshsatapathy@ieee.org Bhabatosh Mitra,FM University, Balasore bhaba_mit@yahoo.co.uk Sabyasachi Pattnaik,,FM University, Balasore spattnaik40@yahoo.co.in Abstract- Data Classification is a prime task in Data mining. Accurate and simple data classification task can help the clustering of large dataset appropriately. In this paper we have experimented and suggested a simple ANN based classification models called as Minimal ANN ( MANN) for different classification problems. The GA is used for optimally finding out the number of neurons in the single hidden layered model. Further, the model is trained with Back Propagation (BP) algorithm and GA (Genetic Algorithm) and classification accuracies are compared. It is revealed from the simulation that our suggested model can be a very good candidate for many applications as these are simple with good performances. Keywords- ANN, Genetic Algorithm, Data classification I. INTRODUCTION Data classification is a classical problem extensively studied by statisticians and machine learning researchers. It is an important problem in variety of engineering and scientific disciplines such as biology, psychology, medicines,......

Words: 4028 - Pages: 17

Free Essay

Impact of a Data Classification Standard

...Data Classification Standard is a guideline of how a business or organization should handle as well as secure their different array of data. With this particular report it will describe the “Internal Use Only” data of an Investment firm. Internal use only should tell you that this is information that is seen by employees of a company and no one else. There are 3 domains that could be under this umbrella of internal use only these would be the User Domain, Workstation Domain and the LAN domain. First we have the User Domain which defines the employees that will access the company’s information systems. This particular domain is the weakest link in the domain infrastructure due the users on this system that don’t think about the vulnerabilities and threats which include lack of user awareness, apathy towards policies, policy violations, downloads of personal or files that could malicious. Each of these risks is presented on an everyday basis that could compromise a company’s internal data. Secondly, you have the workstation domain, which is the domain where most of the users connect to the organizations infrastructure. This domain should require very tight security as well as access rights. Meaning, each user on the domain should only have the right to access what they need to be able to do their job productively and no more. This will have an impact in lowering the chance of breach in security. Some threats with this domain include; Unauthorized access to workstations...

Words: 417 - Pages: 2

Free Essay

Implementation of a Data Classification Policy

...The following is a policy defining how data will be classified and how users will be able to access that data. New user accounts can be setup within Active Directory New Users and Computers (Create a new user account, 2005, January 21). This will allow the Administrator to create a User name and a unique password for that user. Once this is done, the user can then be placed in a group (Create a new group, 2005, January 21). This group will depend on what role the user will be fulfilling; for example if the user will be in the accounting department, they will be placed in the accounting group. Once the User has been specified into a group, then permissions can be applied for that group. For example, the accounting department may have two different groups – Users and Managers. Any file that has to deal with accounting can then have their permissions modified depending on the role of the user. This will also allow the administrator to setup the data classification of least privilege. To fulfill their job Managers will need to the option to read and write files, and to create new folders. This allows the manager to complete their job without having too much access. The User group will only need access to List Folder/Read data (Stanek, W. n.d.). This allows the user to read the information within the file but does not allow them to change any information within the folder. Lastly, any changes that are made within the system need to be documented for reference. Documentation of......

Words: 526 - Pages: 3

Free Essay

Impact of a Data Classification Standard

...Impact of a Data Classification Standard This report is to identify the IT infrastructure domains that affect the “Internal Use Only” data classification standard of Richman investment and go into details as to how each domain is affected. User Domain The first domain that affects this standard is the user domain and also maybe one of the more vulnerable of the IT infrastructure. User domain consists of the people that accesses Richman’s information system. Users at this level are expected to be responsible for the information they access here at Richman, but because that is not always the cause, Richman will have in place an acceptable use policy (AUP). The AUP will, in detail, define what information which users are allow to access and also what they are allowed to do with that information. Richman Investments deal mostly with customer’s financial records, so anyone with that violates Richman’s AUP and poses a threat to the company information and could faces immediate dismissal. Workstation Domain The workstation domain is the second domain affected by the “Internal Use Only” standard. This is where users will access the network via some type of device such as desktop, laptop, tablet, smart phone, etc. It is very important that IT department keep workstations update to date with latest and relevant software updates, security patches, and antivirus/malware protection. The workstations will be accessible with a user define password that must meet password......

Words: 385 - Pages: 2

Premium Essay

Data Classification

...District Office, Information Security Public Page 1 of 3 Data Classification Standards Purpose: To protect the confidentiality, integrity, and availability of Pima Community College data – pursuant to Data Trusteeship (SPG-5702/AB) and Security of the Information Technology Infrastructure (SPG-5702/AC) – through the identification of information that requires protection. Audience: All members of the Pima Community College community, including faculty, staff, and students. Sponsoring Unit: Vice Chancellor of IT, 2008. I. Definitions A. Responsible parties Data Trustees: Per SPG-5702/AB: “The accuracy and completeness of the data within the Enterprise Resource Planning systems are the responsibility of functional units of the College. All student information and grants systems data are assigned to the Office of the Provost. All finance data and payroll modules are assigned to the Office of the Executive Vice Chancellor of Administration. All human resources data, except payroll, are assigned to the Vice Chancellor of Human Resources. Data Stewards: Deans, vice chancellors, assistant vice chancellors, directors, managers or others as identified by the data trustees to manage a subset of data. Data Processor: Any individuals who have been authorized by a data steward to create, remove, or modify data. B. College data types The assessment criteria for the following classifications were derived from the National Institute of......

Words: 1075 - Pages: 5

Premium Essay

Data Classification Hicca

...[pic] Data Classification Policy Disclaimer of warranty—THE INFORMATION CONTAINED HEREIN IS PROVIDED "AS IS." HAWAII HEALTH INFORMATION CORPORATION (“HHIC”) AND THE WORKGROUP FOR ELECTRONIC DATA INTERCHANGE (“WEDI”) MAKES NO EXPRESS OR IMPLIED WARRANTIES RELATING TO ITS ACCURACY OR COMPLETENESS. WEDI AND HHIC SPECIFICALLY DISCLAIM ALL WARRANTIES, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL HHIC OR THE HIPAA READINESS COLLABORATIVE (“HRC”) BE LIABLE FOR DAMAGES, INCLUDING, BUT NOT LIMITED TO, ACTUAL, SPECIAL, INCIDENTAL, DIRECT, INDIRECT, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL, COSTS OR EXPENSES (INCLUDING ATTORNEY'S FEES WHETHER SUIT IS INSTITUTED OR NOT) ARISING OUT OF THE USE OR INTERPRETATION OF HRC POLICIES OR THE INFORMATION OR MATERIALS CONTAINED HEREIN. This document may be freely redistributed in its entirety provided that this notice is not removed. It may not be sold for profit or used in commercial documents without the written permission of HHIC. While all information in this document is believed to be correct at the time of writing, this document is for educational purposes only and does not purport to provide legal advice. If you require legal advice, you should consult with an attorney. The information provided here is for reference use only and does not constitute the rendering of legal, financial, or other professional advice or......

Words: 1047 - Pages: 5

Free Essay

Data Mining Algorithms for Classification

...Data Mining Algorithms for Classification BSc Thesis Artificial Intelligence Author: Patrick Ozer Radboud University Nijmegen January 2008 Supervisor: Dr. I.G. Sprinkhuizen-Kuyper Radboud University Nijmegen Abstract Data Mining is a technique used in various domains to give meaning to the available data. In classification tree modeling the data is classified to make predictions about new data. Using old data to predict new data has the danger of being too fitted on the old data. But that problem can be solved by pruning methods which degeneralizes the modeled tree. This paper describes the use of classification trees and shows two methods of pruning them. An experiment has been set up using different kinds of classification tree algorithms with different pruning methods to test the performance of the algorithms and pruning methods. This paper also analyzes data set properties to find relations between them and the classification algorithms and pruning methods. 2 1 Introduction The last few years Data Mining has become more and more popular. Together with the information age, the digital revolution made it necessary to use some heuristics to be able to analyze the large amount of data that has become available. Data Mining has especially become popular in the fields of forensic science, fraud analysis and healthcare, for it reduces costs in time and money. One of the definitions of Data Mining is; “Data Mining is a process that consists of applying data analysis and......

Words: 5455 - Pages: 22