Enterprise Security Essay Sample

Course Description

This class covers the managerial and proficient considerations related to entree controls. hallmark. external onslaughts. and other hazard countries confronting the endeavor. This class will besides study the techniques to forestall unauthorised computing machine and installation entree every bit good the constructs for protecting the hardware and package assets of the endeavor.

Policies

Faculty and students/learners will be held responsible for understanding and adhering to all policies contained within the undermentioned two paperss:

University policies: You must be logged into the pupil web site to see this papers.
Teacher policies: This papers is posted in the Course Materials forum.

University policies are capable to alter. Be certain to read the policies at the beginning of each category. Policies may be somewhat different depending on the mode in which you attend category. If you have late changed modes. read the policies regulating your current category mode.

Course Materials

Beekman. G. . & A ; Beekman. B. ( 2010 ) . Tomorrow’s engineering and you ( 9th ed. ) . Prentice Hall.

Dunn. C. L. . Cherrington. J. O. . & A ; Hollander. A. S. ( 2004 ) . Enterprise information systems: A pattern-based attack ( 3rd ed. ) . New York. New york: McGraw-Hill.

McCarthy. M. P. . Flynn. T. P. . & A ; Brownstein. R. ( 2004 ) . Hazard from the CEO and board position. New York. New york: McGraw-Hill.

McNurlin. B. C. . Sprague. R. H. . & A ; Bui. T. ( 2009 ) . Information systems direction in pattern ( 8th ed. ) . Upper Saddle River. New jersey: Pearson Education.

O’Brien. J. A. . & A ; Marakas. G. ( 2009 ) . Management information systems ( 9th ed. ) . New York. New york: McGraw-Hill.

Article Mentions:

Shaw. R. ( 2009 ) . Intrusion bar systems market tendencies. Faulkner Information Services.

Barr. J. G. ( 2009 ) . RFID engineering. Faulkner Information Services.

Barr. J. G. ( 2007 ) . The criterion of good pattern for information security. Faulkner Information Services.

Ferraiolo. D. F. . Chandramouli. R. . Ahn. G. . & A ; Gavrila. S. I. ( 2003 ) . The function control centre: Features and instance surveies. Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies. 12-20.

Drumheller. R. ( 2008 ) . Biometricss: Fingerprint engineering. Faulkner Information Services.

Greiner. L. ( 2007 ) . Iris scan engineering. Faulkner Information Services.

Drumheller. R. ( 2007 ) . Conducting a concern impact analysis. Faulkner Information Services.

Ulasien. P. ( 2008 ) . IT security audits best patterns. Faulkner Information Services.

All electronic stuffs are available on the pupil web site.

Week One: Enterprise System Architecture-Overview

Detailss
Due
Points
Aims
1. 1 Understand the alone design. operation. and direction conditions associated with an Enterprise System Architecture ( ESA ) .
1. 2 Identify nucleus operational precedences associated with the development and direction of cross-functional endeavor systems.
1. 3 Recognize the major elements of Enterprise Application Architecture ( EAA ) .
1. 4 Examine major security issues associated with Enterprise Application Integration ( EAI ) and Enterprise Collaboration Systems ( ECS ) .

Readings
Read Ch. 1. “Our Digital Planet” . in Tomorrow’s Technology and You. Read Ch. 2. “Hardware Basicss: Inside the Box” . in Tomorrow’s Technology and You. Read Ch. 3. “Hardware Basicss: Peripherals” . in Tomorrow’s Technology and You. Read Ch. 4. “Software Basicss: The Ghost in the Machine” . in Tomorrow’s Technology and You. Read Ch. 7. “E-Business Systems” . in Management Information Systems. Read the Week One Read Me First.

Read this week’s Electronic Reserve Readings.

Engagement
Participate in category treatment.
07/13
2
In Class Quiz
Reading Quiz on readings.
07/13
2
Learning Team Instruction manuals
Learning Team Charter
Complete the Learning Team Charter.
07/13
2
Learning Team Instruction manuals
The survey of endeavor security is non complete without an exercising trying to construct a believable appraisal of assorted hazards as they affect enterprise security. This Learning Team Project requires pupils to develop a semi-quantitative. leaden analysis that generates a comprehensive threat/vulnerability analysis of enterprise security. along with appropriate security steps and recommendations. Additionally. the readings provide background information back uping assorted techniques. every bit good as how to make appraisals. how to make rankings. and so forth. These readings should be previewed every bit early as possible. instead than waiting for the specific hebdomad. The Enterprise Security Plan is due in Week Five.

ALSO READ  Sampling and Data Collection Plan Essay Sample

Select one of the companies in the Virtual Organization Portal.

As a Learning Team. brainstorm the hazards that an Enterprise IT organisation faces. Provide examples of hazards. in no peculiar order. to be considered:

An employee downloads and uses unauthorised software-for illustration. instant messaging tools-accesses personal e-mail via web mail. or uses USB thrusts to reassign information to and from work.

Company’s outward confronting for client entree has to entree internal database systems to see merchandises available for telling. order processing. and client order processing.

The company makes internal e-mail systems available through the web to going executives.

Week Two: Enterprise System Risks. Controls. and Access

Detailss
Due
Points
Aims
2
2. 1 Identify constituents of internal control systems.
2. 2 Apply enterprise-level hazard appraisal methodological analysiss.
2. 3 Recognize a cosmopolitan model for Enterprise Security Architecture ( ESA ) development.
2. 4 Distinguish the proficient and operational differences between Authentication and Access rules.
2. 5 Identify assorted entree control constructs: Discretionary Access Control ( DAC ) . Compulsory Access Control ( MAC ) . and Role-Based Access Control ( RBAC ) .

Readings
Read Ch. 5. “Productivity Applications” . in Tomorrow’s Technology and You. Read Ch. 6. “Graphics. Digital Media. and Multimedia” . in Tomorrow’s Technology and You. Read Ch. 7. “Database Applications and Privacy Implications” . in Tomorrow’s Technology and You. Read Ch. 14. “Enterprise System Risks and Controls” . in Enterprise Information Systems: A Pattern-Based Approach. Read the Week Two Read Me First.

Read this week’s Electronic Reserve Readings.

Engagement
Participate in category treatment.
07/20
2
In Class Quiz
Reading Quiz on readings.
07/20
2
Learning Team Reflection Summary
Collaborate with your larning squad to discourse the old week’s aims.

Discourse what you learned. what could be applicable to your workplace or personal life. and how your cognition has increased as a consequence of what you experienced through the acquisition activities in the old hebdomad.

Submit your squad sum-up of the treatment in a 1- to 2-page Microsoft® Word papers. 07/20
2
Learning Team Instruction manuals

Discuss the endeavor system. logical. and physical exposures associated with your Learning Team’s Enterprise Security Plan. See the undermentioned exposures:

Physical ( DoS )
System ( e-mail waiters )
Logical ( package ; for illustration. SQL injection attacks a package exposure )

Individual Assignment
When stipulating security policies for an endeavor. puting security on an individual-by-individual footing provides the tightest and most individualized security. The trade-off. nevertheless. is the increased sum of disposal attempt in puting up the security and keeping it on an on-going footing. You have been brought in as a adviser from Smith Systems Consulting to rede Riordan Manufacturing on what it will take to set up equal endeavor security policies. You will necessitate to fix a 3-5 page paper that high spots why they should set up separation of responsibilities via function assignment and how this will supply precautions to protecting the informations in their information systems. 07/20

15

Week Three: Distributed Systems: Architecture. Threats. Control. and Functions

Detailss
Due
Points
Aims
3
3. 1 Recognize security issues and considerations associated with Distributed Calculating Environments ( DCEs ) .
3. 2 Identify seven types of distributed systems.
3. 3 Understand endeavor function life-cycle constructs as related to security direction.
3. 4 Apply role-based security rules through instance survey analysis.

ALSO READ  System Development Life Cycle Essay Sample

Readings
Read Ch. 8. “Networking and Digital Communication” . in Tomorrow’s Technology and You. Read Ch. 9. “The Evolving Internet” . in Tomorrow’s Technology and You. Read Ch. 5. “Designing Corporate IT Architecture” . in Information Systems Management in Practice. Read the Week Three Read Me First.

Read this week’s Electronic Reserve Readings.

Engagement
Participate in category treatment.
07/27
2
In Class Quiz
Reading Quiz on readings.
07/27
2
Learning Team Reflection Summary
Collaborate with your larning squad to discourse the old week’s aims.

Discourse what you learned. what could be applicable to your workplace or personal life. and how your cognition has increased as a consequence of what you
experienced through the acquisition activities in the old hebdomad.

Submit your squad sum-up of the treatment in a 1- to 2-page Microsoft® Word papers. 07/27
2
Learning Team Instruction manuals

Make a quantitatively forced ranking of the hazards versus exposures by utilizing a matrix.

Forced ranking can utilize H. M. or L-or numeral rankings 1. 2. or 3. Aspects of the forced ranking will dwell of the followers:

Impact of the hazard against the vulnerable plus.
Probability of the hazard really happening for that plus.

Using this matrix. hazards are categorized harmonizing to the followers:

High probability/high impact
High probability/medium impact
High probability/low impact
Medium probability/high impact
Medium probability/medium impact
Medium probability/low impact
Low probability/high impact
Low probability/medium impact
Low probability/low impact

Against these classs. engineerings and policies are to be proposed to extenuate hazards against the more vulnerable of the IT resources and to supply eventualities in the event that one happens.

As an illustration. IT staff could make up one’s mind that entree to net e-mail airss a high hazard to a company’s assets. The solution could be merely. extinguish employee entree to the Internet ; nevertheless. that is non an employee-friendly solution.

Individual Assignment
Refer to the Ferraiolo et Al. article ( 2003 ) . and analyze the constructs of function graphs. Develop a similar function graph for the human resource information systems ( HRIS ) used by Riordan Manufacturing. Refer to Figure 7 of the article as a point of mention Consider there are four primary functions: HR clerk. HR supervisor. HR Manager and IT support staff. Write 3-5 page paper discoursing the functions in footings of needed entree. limitations. and policies of all types that would necessitate to be implemented. Attach your function graph to the paper. 07/27

15

Week Four: Securing Distributed Computing Environments

Detailss
Due
Points
Aims
4
4. 1 Consider security issues associated with different endeavor web storage and processing architectures.
4. 2 Understand and use schemes for procuring eBusiness webs and enterprise website assets.
4. 3 Understanding distributed trust direction systems.
4. 4 Understanding practical private web ( VPN ) exposures.
4. 5 Security issues associated with endeavor web storage and processing architectures. particularly in the context of fee-for-service agreements. where web storage is outsourced.

Readings
Read Ch. 10. “Computer Security and Risks” . in Tomorrow’s Technology and You. Read Ch. 11. “Computers at Work. School. and Home” . in Tomorrow’s Technology and You. Read the Week Four Read Me First.

Read this week’s Electronic Reserve Readings.

Engagement
Participate in category treatment.
08/03
2
In Class Quiz
Reading Quiz on readings.
08/03
2
Learning Team Reflection Summary
Collaborate with your larning squad to discourse the old week’s aims.

ALSO READ  Health And Safety Essay Sample

Discourse what you learned. what could be applicable to your workplace or personal life. and how your cognition has increased as a consequence of what you experienced through the acquisition activities in the old hebdomad.

Submit your squad sum-up of the treatment in a 1- to 2-page Microsoft® Word papers. 08/03
2
Learning Team Instruction manuals

Continue working on the Enterprise Security Plan due in Week Five.

Discuss the recommendations for engineerings and policies that mitigate hazards and eventualities for those high-impact hazards deemed most likely to happen. In peculiar. were at that place multiple solutions or justifications of how one was picked over another?

Individual Assignment
A major concern within endeavor environments is trust direction. This concern crosses multiple spheres: concern to concern ( B2B ) . believe eBay and PayPal ; concern to consumer ( B2C ) . such as on-line banking. intra-enterprise applications ( HR. finance. fabrication. buying. and accounting ) . Pick one of these spheres and compose a 3-5 page paper depicting the enabling function and challenges of distributed-trust-based direction. 08/03

20

Week Five: Enterprise Security

Detailss
Due
Points
Aims
5
5. 1 Comprehend nucleus rules associated with an endeavor security.
5. 2 Comprehend Enterprise Security Architecture ( ESA ) hazard analysis. direction. and control.
5. 3 Understand and use high-ranking entree control design methodological analysiss.
5. 4 Recognize endeavor exposures associated with eBusiness webs and other web-based engineerings.

Readings
Read Ch. 12. “Information Systems in Business” . in Tomorrow’s Technology and You. Read Ch. 13. “Electronic Commerce and E-Business: The Evolving Internet Economy” . in Tomorrow’s Technology and You. Read Ch. 11. “Holistic. Integrated Approaches to Risk Management” . in Hazard from the CEO and Board Perspective. Read Ch. 12. “The End of the Beginning” . in Hazard from the CEO and Board Perspective. Read the Week Five Read Me First.

Read this week’s Electronic Reserve Readings.

Engagement
Participate in category treatment.
08/10
2
In Class Quiz
Reading Quiz on readings.
08/10
2
Learning Team Reflection Summary
Collaborate with your larning squad to discourse the old week’s aims.

Discourse what you learned. what could be applicable to your workplace or personal life. and how your cognition has increased as a consequence of what you experienced through the acquisition activities in the old hebdomad.

Submit your squad sum-up of the treatment in a 1- to 2-page Microsoft® Word papers. 08/10
2
Learning Team
Enterprise Security Plan Project
The concluding paper and presentation should stand for practical ESP. The ESP format is to be determined by the Learning Team. utilizing constructs from ESA design in concurrence with standard ERM guidelines. The concluding paper and presentation should dwell of the methodological analysis the Learning Team went through in finishing this exercising. the consequences. and the recommendations.

Write a concluding paper. At a lower limit. include the followers:

The hazard and exposure exercisings and the initial lists that were created. including the points considered but non really included. Make certain the principle for determinations is discussed.

The forced-ranking exercising. justifications for the determinations made. and any concluding accommodations that were made ( of peculiar involvement are the gray countries ) .

The recommendations for engineerings and policies that mitigate hazards and eventualities for those high-impact hazards deemed most likely to happen. In peculiar. were at that place multiple solutions or justifications of how one was one picked over another? 08/10

10
Learning Team
Enterprise Security Presentation
Fix a Microsoft PowerPoint® presentation sum uping the Enterprise Security Plan Paper. 08/10
10