Description

Purpose

This course project is intended to assess your ability to comprehend and apply the basic concepts related to information security management, such as the following: 

The ability to discern when a risk assessment should be performed and carrying out the task.

Understanding user or customer access requirements, whether remote or local.

Using a layered security approach to establish and maintain access controls.

Working with other departments, such as the human resources department, to identify and implement methods to prevent unwarranted exposure to information by inappropriate personnel.

Your ability to execute the tasks within these information security domains and others will be evaluated against the learning objectives as identified and described in previous lessons of instruction for this course.

Introduction to the Project

User identification, authentication, and authorization are essential in developing, implementing, and maintaining a framework for information system security. The basic function of an information system security framework is to ensure the confidentiality and the integrity, as well as the availability of systems, applications, and data. Certain information security implementation and management knowledge is required of network administrators, IT service personnel, management, and IT security practitioners, such as information security officers, security analysts, and domain administrators.

Project Scenario

You have presented a complete scenario that is contained in the document, Scenario.pdf.  You must read and understand this document to complete this project. You play the dual role of an IT architect and IT security specialist working for Integrated Distributors Incorporated (IDI), a multi-national organization with offices in several countries. Your instructor for this course plays the role of the chief information officer (CIO). Your peers play the role of selected technology staff. Each of the organization’s locations is operating with different information technologies and infrastructure - IT systems, applications, and databases. Various levels of IT security and access management have been implemented and embedded within their respective locations.

Goals of the Project (Tasks)

Your goals as the IT architect and IT security specialist are to:

Develop solutions to the issues that the specified location of IDI is facing.

Develop plans to implement corporate-wide information access methods to ensure confidentiality, integrity, and availability.

Assess risks and vulnerabilities with operating IT facilities in the disparate locations where IDI now functions and develop mitigation plans and implementation methods.

Analyze the strengths and weaknesses in the current systems of IDI.

Address remote user and Web site user’s secure access requirements.

Develop a proposed budget for theproject - considerhardware, software, upgrades/replacements, and consulting services. 

Prepare detailed network and configuration diagrams outlining the proposed change to be able to present it to the management.

Develop and submit a comprehensive 8-page report (Word document) addressing the learning objectives and your solutions to the issues within the scenario.

Prepare a 10 -15 slidePowerPointpresentation that addresses important access control, infrastructure, and management aspects from each location.