Information Security Policy

Axia College Material

Appendix B

Information Security Policy

Student Name: Jennifer Wherley

Axia College

IT/244 Intro to IT Security

Instructor’s Name: Shane Snyder

Date: 10/23/11

Table of Contents

1. Executive Summary 1

2. Introduction 1

3. Disaster Recovery Plan 1

3.1. Key elements of the Disaster Recovery Plan 1

3.2. Disaster Recovery Test Plan 1

4. Physical Security Policy 1

4.1. Security of the facilities 1

4.1.1. Physical entry controls 1

4.1.2. Security offices, rooms and facilities 1

4.1.3. Isolated delivery and loading areas 2

4.2. Security of the information systems 2

4.2.1. Workplace protection 2

4.2.2. Unused ports and cabling 2

4.2.3. Network/server equipment 2

4.2.4. Equipment maintenance 2

4.2.5. Security of laptops/roaming equipment 2

5. Access Control Policy 2

6. Network Security Policy 3

7. References 3

Executive Summary

Due in Week Nine: Write 3 to 4 paragraphs giving a bottom-line summary of the specific measureable goals and objectives of the security plan, which can be implemented to define optimal security architecture for the selected business scenario.

In reviewing Sunica Music’s problem, it seems that they are having much difficulty correlating data regarding customer information, purchases, and inventory between their stores. My first goal for them would be to implement a WAN that will connect both networks for both stores using a switch. Not only am I going to recommend the WAN but also many pertinent security features to ensure their information is only shared between the two stores and not any hackers.

One of the most important security features for a WAN in my opinion would be that of a firewall. This will protect any traffic from coming into the network. This will also ensure the safety of the data transmissions between the two stores.

They also need a separate network to allow...