Internal Use Only Classification

In: Computers and Technology

Submitted By cgraves1366
Words 835
Pages 4
Unit 1 Assignment 2: Impact of a Data Classification Standard

Course Name & Number: NT2580 Introduction to Information Security

Learning Objectives and Outcomes
* You will learn how to determine the impact of a data classification standard on an organization's IT infrastructure.

Assignment Requirements
You are a networking intern at Richman Investments, a mid-level financial investment and consulting firm. Your supervisor has asked you to draft a brief report that describes the “Internal Use Only” data classification standard of Richman Investments. Write this report addressing which IT infrastructure domains are affected by the standard and how they are affected. In your report, mention at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. Your report will become part of an executive summary to senior management.

Required Resources
None

Submission Requirements
* Format: Microsoft Word
* Font: Arial, Size 12, Double-Space
* Citation Style: Chicago Manual of Style
* Length: 1–2 pages
* Due By: Unit 2

Self-Assessment Checklist
* I have identified at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard.
* In my report, I have included details on how those domains are affected.

Internal Use Only
The term “internal use only” is a term that refers to information or data that could also include communications are intended to stay within the company. Items that are classified as “internal use only” is not always classified material. The results of this information being compromised could have a lasting negative affect on the company’s profits, any contracts or customers, and the creative property that is within that field. The best way to determine how these things can affect us and devise methods to…...

Similar Documents

Internal Use Only

...NT2580 Unit 1 Assignment 2 Internal Use Only Here at Richmond Investments we need to ensure we meet a data classification standard when it comes to our employees accessing the internet from work provided computers and having access to privileged work related data. Under this standard we will implement standards for the LAN Domain, Workstation Domain, and the User Domain. For the LAN Domain we will need to secure the wiring closets, data centers, and computer rooms are secure. For access to these areas personnel will have to have the proper credentials and without them they will not be allowed access. We will need electronic door locks with a push button code. This would ensure that nobody can get into those rooms without that code. For the Workstation Domain we will require user name and passwords on all computers. This will ensure that access to the system will only be available to those that have already been added to the network by an IT Administrator. We will keep the computers up to date with current anti-virus software and regular monitoring. Only approved devices will be allowed to function with the workstations. This will eliminate possible outside threats from getting any data off the network in case they do gain access to an unlocked workstation. For the User Domain we will have an employee manual and acceptable use policy for all employees to follow. Each employee will be placed under the group in which they work for and only have access to the data...

Words: 421 - Pages: 2

Internal Use Only

...​I was asked to identify three domains that are affected by our “Internal Use Only” data classification standard.  After doing some research I have found that the three domains most affected by the classification are the: User domain, Workstation domain, and LAN domain. ​The user domain is made up of the people who access our information system.  We currently have an AUP (Acceptable Use Policy) set in place for this domain.  Any third party that requires access to our network is to sign an AUP and a confidentiality agreement.  This domain is the weakest and the most affected by the classification for multiple reasons.  There is lack of user awareness; make sure to conduct security training and place reminders around the office.  You have blatant security violations; when there are violations place employees on probation and review the AUP.  We also have users downloading various different files; Enable content filtering and automatic antivirus scans. ​The workstation domain is made up of the devices that employees use to connect to the IT infrastructure.  It is necessary to make sure all employees can easily access any tools needed to perform their work duties.  This domain requires tight security and access controls because this is where users first access the system.  This is where someone can enter the system to do damage.  You can have unauthorized user access; make sure strong password protection and auto screen lockout are enabled.  There can be software...

Words: 426 - Pages: 2

Internal Use Only Domains

...Internal use only is information that may or may not be confidential. That is shared within our organization and kept away from the public. With this being said it is imperative that we seek the fallowing to be incorporated within the standards in each domain. User Domain refers to the people who have access to the organizations equipment User domains tend to be the worst domain for security. The reasoning for this is the multitudes of social networking and the fallacy’s of the employee’s not even meaning to release information that could be detrimental. Employees are responsible for their own equipment. The best way to avoid this is to set up an Acceptable use Policy (AUP) that informs employees what they can and cannot do with company information, equipment, and resources. We must hold employees accountable who are abusing company’s AUP. Workstation Domain refers to the computers or electronic devices in which a user uses to access the system. The threats to this domain which vary from unauthorized access to downloading personal files, the best way to fix this is to “Harden” the system by setting up firewalls, anti-virus, malware programs and restricted access to popular web page such as Social networking websites, Music sites, and video web pages. Monitor of disable the installation of software and Restrict or disable the use of removable data devices unless authorized by system Administrators. A user that violates the AUP they should be given restricted access until...

Words: 457 - Pages: 2

Internal Use Only

...To Whom It May Concern, I am an intern at Richman Investments and was ask to draft a brief report concerning the (IT infrastructure domain). The reason for the report is to describe the “Internal use only “data classification standards set by the company. The information obtained in the report consists of all 7 layers of the IT infrastructure. At the conclusion of this report I will establish that three of the seven layers of the IT infrastructure that are affected by the “use only “data standards and how affect domain and their security. The user domains layer of the IT infrastructure is the first layer and also the weakest link in the infrastructure. Personal information is created in this domain that is obtained for internal use only. When the user domain layer fails anyone can access the company’s information system. The Work station domain is the second layer of the infrastructure that “use only” standard affects. The WSD is where users first access the systems, applications, and data. This layer requires a login and password authentication before access is allowed to view information. Unauthorized access to the workstation can cause viruses, malicious malware, and other infections to a user’s workstation or laptop accessing their music, pictures or personal files. The LAN-to-WAN domain is the third layer of the infrastructure that is affected by the “use only” standard because the TCP and UDP are compromised due the fact these are entry and exit point to......

Words: 305 - Pages: 2

Internal Use Only Classification

...Unit 1 Assignment 2: Impact of a Data Classification Standard Course Name & Number: NT2580 Introduction to Information Security Learning Objectives and Outcomes * You will learn how to determine the impact of a data classification standard on an organization's IT infrastructure. Assignment Requirements You are a networking intern at Richman Investments, a mid-level financial investment and consulting firm. Your supervisor has asked you to draft a brief report that describes the “Internal Use Only” data classification standard of Richman Investments. Write this report addressing which IT infrastructure domains are affected by the standard and how they are affected. In your report, mention at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. Your report will become part of an executive summary to senior management. Required Resources None Submission Requirements * Format: Microsoft Word * Font: Arial, Size 12, Double-Space * Citation Style: Chicago Manual of Style * Length: 1–2 pages * Due By: Unit 2 Self-Assessment Checklist * I have identified at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. * In my report, I have included details on how those domains are affected. Internal Use Only The term “internal use only” is a term that refers to information or data that could also include communications...

Words: 835 - Pages: 4

(2012, 11). Richman Investments "Internal Use Only" Data Classification Standard. Studymode.Com. Retrieved 11, 2012, from Http: //Www.Studymode.Com/Essays/Richman-Investments-Internal-Use-Only-Data-

...Richman Investments “Internal Use Only” data classification standard Tamara Beecher December 16, 2013 Internal use only – Information or data shared internally by an organization. While confidential information or data may not be included, communications are not intended to leave the organization. This report is designed to describe clarify the standards for the “Internal use only” data classification for Richman Investments, this report will address which IT infrastructure domains are affected by the standard and how. The first IT infrastructure affected by the Internal Use Only classification is the User Domain. The User Domain defines the people who access an organization’s information system. The User Domain also will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data shall he or she have access to it. As well as with company users, any outsider contractor or third-party representatives shall also need to agree and comply with the AUP. Any violation will be taken up with company executives and/or the authorities to assess further punitive action. Workstation Domain- is where most users connect to the IT infrastructure. No personal devices or removable media may be used on this network. All devices and removable le media will be issued by the company for official use only. Access Control Lists (ACLs) will be drawn up to appropriately define what access each individual will have. Any violations will cause......

Words: 319 - Pages: 2

Internal Use Only

...This report is to highlight three IT infrastructure domains that are affected by the internal use only data classification standards as used in Richman Investment. The three main IT infrastructure domains that will be discussed in this report are User domain, Workstation domain, and LAN. “Internal Use Only”- This refers to data shared internally in an organization, which is not supposed to be disseminated beyond the confines of the company. Before such data can be shared, it must be approved. This information is considered critical. If compromised and found in the wrong hands, it may cost the organization lots of money and time before such problem can be solved and restored. “User Domain”- Most users who have access to the computer information system of the company have access to the user domain and this is the weakest domain in the infrastructure. Everyone who has this access must comply with an ‘Acceptable Use Policy(AUP)” whether you are a contractor, company employees, customers or third party representative. All users with access to this domain understand that wrongful dissemination of company`s data could compromise the whole computer information system. “Workstation Domain”- This domain includes workstations and computers that are approved by the company for an individual user. Users need verification before allowed access to the workstation domain. Most verifications are done with the use of usernames and passwords; everyone is asked to log in...

Words: 404 - Pages: 2

Classification

...Markisha Harris Introduction to Corrections Unit 7 Assignment 02 January 2014 Classification The classification process in corrections differs from state to state. According to the Department of Corrections in the State of Montana, classification is basically a way of consolidating and controlling the offenders that are housed in the prison all based upon their identity. Offenders are also categorized by their behavior and other potential risks. When it comes to prison facilities, there are specific purposes of classification and specific ways of how classification systems are used to place prisoners. In the State of Montana, the primary or main purpose of the system of classification in the correctional system is too basically use a method to figure out whether or not which proper encoding and safekeeping step is right for every single convict. A secondary purpose of the classification process in the State of Montana is to allow the prisoners a chance to change their lives around in a positive way. By allowing this opportunity, it will instill protection, safety, and security of other inmates, correctional officers, and the society. The classification system has a goal. The goal is to have order within the correctional facilities and to maintain proper security and safety to everyone that are in contact with offenders. In order for this goal to be achieved, all inmates has to be classified right after the admission process. After the admission process...

Words: 703 - Pages: 3

Richman Investments “Internal Use Only” Data Classification Standard Brief Report

...RICHMAN INVESTMENTS “INTERNAL USE ONLY” DATA CLASSIFICATION STANDARD Brief Report This Brief Report is to describe Richman Investments policy of “Internal Use Only” data classification standard. This document is to be used as an informational guide for any employee or third party representative who is to access any or all of Richman Investments internal data base information system. To access Richman Investments internal data base any user, employee or third party representative must agree to the acceptable use policy (AUP). “While confidential information or data may not be included, communications, documents or any data are not intended to leave the organization.” (Beecher, 2013) There are 3 types of IT infrastructure domains that are affected by the “Internal Use Only” data classification standard of Richman Investments listed as follows: User Domain is the first layer of the infrastructure and is defined as any person (single user) accessing Richman Investments internal data base information system who has agreed to the AUP. This Domain defines the user permissions. This is where the IT department defines what access each individual user will have on the network. This is considered to weakest link in the company’s infrastructure. Workstation Domain is the second layer of the infrastructure and is defined as the first access point to the Richman Investments internal data base information system, applications and data. This layer requires a login and password...

Words: 440 - Pages: 2

Classification

...Classification has always been the main source of the simplifying all of the information that has been found throughout the span of human thought. Science in its most basic from is nothing more than just a quest of knowledge “to seek what regularities there may be”(Sagan) and the existence of that knowledge is explained by classification(Foucault). Today’s society is dominated by an absurd amount of technologically powered apparatuses like: cell phones, computers, tablets, tables, cars, and the list ventures endlessly forward and like every “small step for a man, and one giant leap forward for mankind” there are repercussions(The Space Race). One of the things that changed with the evolution of technology from its primitive state to its more modern version is news; once only told by an unbiased, or at least strived to be, newscasters like Walter Cronkite(Cronkite) and people were forced to watch the whole thing until what they were really interested in came on has now turned into an extremely selective and biased way of reporting the news with outstandingly big downsides that has lead society to be harshly less informed about what is going on around them and more susceptible to having their opinion swayed with possible misclassification of news. By the end of 2010 more people claimed to be receiving their news intake from the internet than from newspapers(Featured in Social Media) and with the simplified access to...

Words: 1224 - Pages: 5

Internal

.... By going through all of the systems they can determine profitable from non-profitable. Before the internal auditor leaves the business owners will know exactly where the problems have fallen. The Accountant will also have recommendations on how to fix the issues at hand. The benefits for using an internal auditor are one of the best ideas at making sure the company is heading in the right direction. If a business owner decides to not invite an internal auditor into their business and the company is not doing well this could set the business up as a failure. An internal auditor cannot hurt to be brought in, it could only help. The accountant will tell the individuals in the company everything that is incorrect. The recommendation of the committee is that the company goes ahead and hires an internal auditor. Internal Auditors have specialties that they investigate. A retail change should hire an internal auditor that specializes in retail. Since the business in the discussion is retail the auditor will know exactly what to look for and they will not have to research what the company is before starting to review the information systems. The auditor will come in and start the review by reviewing the information systems for fraud, and inconsistencies. They will spend days reviewing the systems. Making sure that the company is complying. An auditor is trained what to look for. The auditor is trained to make sure that all reports are accurate. It is important to pick an...

Words: 714 - Pages: 3

Nt2580 Unit 1 Assignment: Internal Use Only Policy

...Charles Elliot 6/20/15 To: Richman Investments Employees. Subject: Internal Use Only Policy This report is to inform all members of Richman investments of their Internal Use Only policy. We will be discussing what this policy means, its effect on running day to day tasks on the network, and what protocols we are to follow when under the enforcement of this policy. Internal use only simply means that the data stays on site, or that an organization shares the information internally. And while the information may or may not be of a sensitive nature, there will be no exchange of data or communication of any kind outside of the organization. Any person(s) who wish to gain access to any information within Richman Investments infrastructure must authenticate themselves by logging on to their User profile and entering their password. All Users must agree and adhere to the AUP-Acceptable Use Policy. The AUP is a policy that states what a user can or cannot do with information from Richman Investments. Failure to adhere to the AUP will result in disciplinary actions both in their profession as well as legal disciplinary actions. The workstation is where the User connects to the infrastructure. There are no personal or recording devices or removable media of any kind allowed at the workstation. Richman Investments will provide and devices and removable media themselves, also these devices are never to leave the premises. The infrastructure administrators will determine which......

Words: 317 - Pages: 2

Richman Investments “Internal Use Only” Data Classification Standard

...RICHMAN INVESTMENTS “INTERNAL USE ONLY” DATA CLASSIFICATION STANDARD Brief Report This Brief Report is to describe Richman Investments policy of “Internal Use Only” data classification standard. This document is to be used as an informational guide for any employee or third party representative who is to access any or all of Richman Investments internal data base information system. To access Richman Investments internal data base any user, employee or third party representative must agree to the acceptable use policy (AUP). “While confidential information or data may not be included, communications, documents or any data are not intended to leave the organization.” (Beecher, 2013) There are 3 types of IT infrastructure domains that are affected by the “Internal Use Only” data classification standard of Richman Investments listed as follows: User Domain is the first layer of the infrastructure and is defined as any person (single user) accessing Richman Investments internal data base information system who has agreed to the AUP. This Domain defines the user permissions. This is where the IT department defines what access each individual user will have on the network. This is considered to weakest link in the company’s infrastructure. Workstation Domain is the second layer of the infrastructure and is defined as the first access point to the Richman Investments internal data base information system, applications and data. This layer requires a login and password......

Words: 306 - Pages: 2

Internal

... and human resources together. According to Henry Fayol, “To organize a business is to provide it with everything useful or its functioning i.e. raw material, tools, capital and personnel’s”. Organizing a business is to determine human and non human resources to organization team. Process of organization is task delegation, task identification, assignment duties, authority coordination and group activity classification. Leading Despite of the business size leading is one of the most important parts of management function. Every employee follows their manager’s instruction as they consider them as a boss; therefore a manager should be a good example for the rest of the team. A good manager brings positive attitude and inspires the team. Employees follow inspirational manager which is beneficial to the company. In order to succeed and achieve company’s goal management must find new ways to coach and motivate their employees. Controlling Controlling is following up whether or not the task has been completed per standard. In order to ensure management goal is achieved the management must ensure the efficient utilization of organizational resources. Controlling helps with coordination and planning. Controlling and planning are related to each other, planning without controlling and controlling without planning is meaningless. It is important for management to plan and then follow up by controlling to ensure the plan they have created is being followed per their standard...

Words: 672 - Pages: 3

Internal Use Only

...The following report will address the three main IT infrastructure domains that the Richman Investments “Internal Use Only” data classification policy applies to. “Internal Use Only” is used to classify any internal data shared within our organization that may or may not be confidential in nature but is not intended to leave the company. The three main domains affected by this policy are the User Domain, Workstation Domain, and the LAN Domain. The User Domain is anyone who accesses the company’s information system and is the weakest link in the infrastructure. Users will be strictly held to the acceptable use policy (AUP) which acts as a guidebook for what users are allowed to do with the company’s IT assets. Violation of the AUP can be grounds for immediate dismissal and/or legal actions. Any third party that may need access to our systems will need to adhere to these policies as well and will need to sign an agreement before any access is given. The Human Resources department will be responsible for ensuring that all employees have signed an agreement to the AUP. All employees must pass a background check and their identities verified by HR before any access to Richman’s systems are granted. The Workstation Domain is where most users will connect to Richman’s IT infrastructure. This includes all desktops, laptops, PDAs, smartphones, and tablets. No personal devices or removable media will be allowed to connect to Richman’s system. Any devices or removable media needed to......

Words: 365 - Pages: 2