Internal Use Only Classification

In: Computers and Technology

Submitted By cgraves1366
Words 835
Pages 4
Unit 1 Assignment 2: Impact of a Data Classification Standard

Course Name & Number: NT2580 Introduction to Information Security

Learning Objectives and Outcomes * You will learn how to determine the impact of a data classification standard on an organization's IT infrastructure.

Assignment Requirements
You are a networking intern at Richman Investments, a mid-level financial investment and consulting firm. Your supervisor has asked you to draft a brief report that describes the “Internal Use Only” data classification standard of Richman Investments. Write this report addressing which IT infrastructure domains are affected by the standard and how they are affected. In your report, mention at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. Your report will become part of an executive summary to senior management.

Required Resources
None

Submission Requirements * Format: Microsoft Word * Font: Arial, Size 12, Double-Space * Citation Style: Chicago Manual of Style * Length: 1–2 pages * Due By: Unit 2

Self-Assessment Checklist * I have identified at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. * In my report, I have included details on how those domains are affected.

Internal Use Only
The term “internal use only” is a term that refers to information or data that could also include communications are intended to stay within the company. Items that are classified as “internal use only” is not always classified material. The results of this information being compromised could have a lasting negative affect on the company’s profits, any contracts or customers, and the creative property that is within that field. The best way to determine how these things can affect us and devise methods to…...

Similar Documents

Internal Use Only

...NT2580 Unit 1 Assignment 2 Internal Use Only Here at Richmond Investments we need to ensure we meet a data classification standard when it comes to our employees accessing the internet from work provided computers and having access to privileged work related data. Under this standard we will implement standards for the LAN Domain, Workstation Domain, and the User Domain. For the LAN Domain we will need to secure the wiring closets, data centers, and computer rooms are secure. For access to these areas personnel will have to have the proper credentials and without them they will not be allowed access. We will need electronic door locks with a push button code. This would ensure that nobody can get into those rooms without that code. For the Workstation Domain we will require user name and passwords on all computers. This will ensure that access to the system will only be available to those that have already been added to the network by an IT Administrator. We will keep the computers up to date with current anti-virus software and regular monitoring. Only approved devices will be allowed to function with the workstations. This will eliminate possible outside threats from getting any data off the network in case they do gain access to an unlocked workstation. For the User Domain we will have an employee manual and acceptable use policy for all employees to follow. Each employee will be placed under the group in which they work for and only have access to the data......

Words: 421 - Pages: 2

Internal Use Only

...​I was asked to identify three domains that are affected by our “Internal Use Only” data classification standard.  After doing some research I have found that the three domains most affected by the classification are the: User domain, Workstation domain, and LAN domain. ​The user domain is made up of the people who access our information system.  We currently have an AUP (Acceptable Use Policy) set in place for this domain.  Any third party that requires access to our network is to sign an AUP and a confidentiality agreement.  This domain is the weakest and the most affected by the classification for multiple reasons.  There is lack of user awareness; make sure to conduct security training and place reminders around the office.  You have blatant security violations; when there are violations place employees on probation and review the AUP.  We also have users downloading various different files; Enable content filtering and automatic antivirus scans. ​The workstation domain is made up of the devices that employees use to connect to the IT infrastructure.  It is necessary to make sure all employees can easily access any tools needed to perform their work duties.  This domain requires tight security and access controls because this is where users first access the system.  This is where someone can enter the system to do damage.  You can have unauthorized user access; make sure strong password protection and auto screen lockout are enabled.  There can be software......

Words: 426 - Pages: 2

Internal Use Only Domains

...Internal use only is information that may or may not be confidential. That is shared within our organization and kept away from the public. With this being said it is imperative that we seek the fallowing to be incorporated within the standards in each domain. User Domain refers to the people who have access to the organizations equipment User domains tend to be the worst domain for security. The reasoning for this is the multitudes of social networking and the fallacy’s of the employee’s not even meaning to release information that could be detrimental. Employees are responsible for their own equipment. The best way to avoid this is to set up an Acceptable use Policy (AUP) that informs employees what they can and cannot do with company information, equipment, and resources. We must hold employees accountable who are abusing company’s AUP. Workstation Domain refers to the computers or electronic devices in which a user uses to access the system. The threats to this domain which vary from unauthorized access to downloading personal files, the best way to fix this is to “Harden” the system by setting up firewalls, anti-virus, malware programs and restricted access to popular web page such as Social networking websites, Music sites, and video web pages. Monitor of disable the installation of software and Restrict or disable the use of removable data devices unless authorized by system Administrators. A user that violates the AUP they should be given restricted access until......

Words: 457 - Pages: 2

Internal Use Only

...the “Internal use only “data classification standards set by the company. The information obtained in the report consists of all 7 layers of the IT infrastructure. At the conclusion of this report I will establish that three of the seven layers of the IT infrastructure that are affected by the “use only “data standards and how affect domain and their security. The user domains layer of the IT infrastructure is the first layer and also the weakest link in the infrastructure. Personal information is created in this domain that is obtained for internal use only. When the user domain layer fails anyone can access the company’s information system. The Work station domain is the second layer of the infrastructure that “use only” standard affects. The WSD is where users first access the systems, applications, and data. This layer requires a login and password authentication before access is allowed to view information. Unauthorized access to the workstation can cause viruses, malicious malware, and other infections to a user’s workstation or laptop accessing their music, pictures or personal files. The LAN-to-WAN domain is the third layer of the infrastructure that is affected by the “use only” standard because the TCP and UDP are compromised due the fact these are entry and exit point to the wide area network and making private information easily accessible to anyone. I have determined the layers discussed in this brief report explains the affects that “Internal use......

Words: 305 - Pages: 2

Internal Use Only

...at Richman investments, I was s asked to write a brief report that describes the "internal use only" data classification standard of Richman investments. I will list a few of the IT infrastructure domains that are affected by the standard and how they are affecting the domain and their security here at Richman investments. * User domain The user domain defines the people who access an organizations information system. In the user domain you will find an acceptable use policy (AUP). An AUP defines what a user can and cannot do with organization-owned IT assets. It is like a rulebook that the employees must follow. Failure to follow these rules can be grounds for termination. The user domain is the weakest link in an IT infrastructure. Anybody who is responsible for computer security understand what motivates someone to compromise an organization system, application, or data. Now I am going to list risk and threats commonly found in the user domain and plans you can use to prevent them. Lack of user awareness - solution - conduct security awareness training, display security awareness posters, insert reminders in banner greeting, and send email reminders to employees. Security policy violation- solution - place employee on probation, review AUP and employee Manuel, discuss during performance review. Employee blackmail or extortion- solution - track and monitor abnormal employee behavior and use of IT infrastructure during off hours. Alarms and alerts programmed within an......

Words: 297 - Pages: 2

Internal Use Only Classification

...Unit 1 Assignment 2: Impact of a Data Classification Standard Course Name & Number: NT2580 Introduction to Information Security Learning Objectives and Outcomes * You will learn how to determine the impact of a data classification standard on an organization's IT infrastructure. Assignment Requirements You are a networking intern at Richman Investments, a mid-level financial investment and consulting firm. Your supervisor has asked you to draft a brief report that describes the “Internal Use Only” data classification standard of Richman Investments. Write this report addressing which IT infrastructure domains are affected by the standard and how they are affected. In your report, mention at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. Your report will become part of an executive summary to senior management. Required Resources None Submission Requirements * Format: Microsoft Word * Font: Arial, Size 12, Double-Space * Citation Style: Chicago Manual of Style * Length: 1–2 pages * Due By: Unit 2 Self-Assessment Checklist * I have identified at least three IT infrastructure domains affected by the “Internal Use Only” data classification standard. * In my report, I have included details on how those domains are affected. Internal Use Only The term “internal use only” is a term that refers to information or data that could also include communications......

Words: 835 - Pages: 4

Internal Use Only

...I was asked to identify three domains that are affected by our “Internal Use Only” data classification standard.  After doing some research I have found that the three domains most affected by the classification are the: User domain, Workstation domain, and LAN domain. ​The user domain is made up of the people who access our information system.  We currently have an AUP (Acceptable Use Policy) set in place for this domain.  Any third party that requires access to our network is to sign an AUP and a confidentiality agreement.  This domain is the weakest and the most affected by the classification for multiple reasons.  There is lack of user awareness; make sure to conduct security training and place reminders around the office.  You have blatant security violations; when there are violations place employees on probation and review the AUP.  We also have users downloading various different files; Enable content filtering and automatic antivirus scans. ​The workstation domain is made up of the devices that employees use to connect to the IT infrastructure.  It is necessary to make sure all employees can easily access any tools needed to perform their work duties.  This domain requires tight security and access controls because this is where users first access the system.  This is where someone can enter the system to do damage.  You can have unauthorized user access; make sure strong password protection and auto screen lockout are enabled.  There can be software......

Words: 286 - Pages: 2

(2012, 11). Richman Investments "Internal Use Only" Data Classification Standard. Studymode.Com. Retrieved 11, 2012, from Http: //Www.Studymode.Com/Essays/Richman-Investments-Internal-Use-Only-Data-

...Richman Investments “Internal Use Only” data classification standard Tamara Beecher December 16, 2013 Internal use only – Information or data shared internally by an organization. While confidential information or data may not be included, communications are not intended to leave the organization. This report is designed to describe clarify the standards for the “Internal use only” data classification for Richman Investments, this report will address which IT infrastructure domains are affected by the standard and how. The first IT infrastructure affected by the Internal Use Only classification is the User Domain. The User Domain defines the people who access an organization’s information system. The User Domain also will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data shall he or she have access to it. As well as with company users, any outsider contractor or third-party representatives shall also need to agree and comply with the AUP. Any violation will be taken up with company executives and/or the authorities to assess further punitive action. Workstation Domain- is where most users connect to the IT infrastructure. No personal devices or removable media may be used on this network. All devices and removable le media will be issued by the company for official use only. Access Control Lists (ACLs) will be drawn up to appropriately define what access each individual will have. Any violations will cause...

Words: 319 - Pages: 2

Internal Use Only

...infrastructure domains that are affected by the internal use only data classification standards as used in Richman Investment. The three main IT infrastructure domains that will be discussed in this report are User domain, Workstation domain, and LAN. “Internal Use Only”- This refers to data shared internally in an organization, which is not supposed to be disseminated beyond the confines of the company. Before such data can be shared, it must be approved. This information is considered critical. If compromised and found in the wrong hands, it may cost the organization lots of money and time before such problem can be solved and restored. “User Domain”- Most users who have access to the computer information system of the company have access to the user domain and this is the weakest domain in the infrastructure. Everyone who has this access must comply with an ‘Acceptable Use Policy(AUP)” whether you are a contractor, company employees, customers or third party representative. All users with access to this domain understand that wrongful dissemination of company`s data could compromise the whole computer information system. “Workstation Domain”- This domain includes workstations and computers that are approved by the company for an individual user. Users need verification before allowed access to the workstation domain. Most verifications are done with the use of usernames and passwords; everyone is asked to log in to ensure only people with the right......

Words: 404 - Pages: 2

Richman Investments “Internal Use Only” Data Classification Standard Brief Report

...RICHMAN INVESTMENTS “INTERNAL USE ONLY” DATA CLASSIFICATION STANDARD Brief Report This Brief Report is to describe Richman Investments policy of “Internal Use Only” data classification standard. This document is to be used as an informational guide for any employee or third party representative who is to access any or all of Richman Investments internal data base information system. To access Richman Investments internal data base any user, employee or third party representative must agree to the acceptable use policy (AUP). “While confidential information or data may not be included, communications, documents or any data are not intended to leave the organization.” (Beecher, 2013) There are 3 types of IT infrastructure domains that are affected by the “Internal Use Only” data classification standard of Richman Investments listed as follows: User Domain is the first layer of the infrastructure and is defined as any person (single user) accessing Richman Investments internal data base information system who has agreed to the AUP. This Domain defines the user permissions. This is where the IT department defines what access each individual user will have on the network. This is considered to weakest link in the company’s infrastructure. Workstation Domain is the second layer of the infrastructure and is defined as the first access point to the Richman Investments internal data base information system, applications and data. This layer requires a login and password......

Words: 440 - Pages: 2

Nt2580 Unit 1 Assignment: Internal Use Only Policy

...Charles Elliot 6/20/15 To: Richman Investments Employees. Subject: Internal Use Only Policy This report is to inform all members of Richman investments of their Internal Use Only policy. We will be discussing what this policy means, its effect on running day to day tasks on the network, and what protocols we are to follow when under the enforcement of this policy. Internal use only simply means that the data stays on site, or that an organization shares the information internally. And while the information may or may not be of a sensitive nature, there will be no exchange of data or communication of any kind outside of the organization. Any person(s) who wish to gain access to any information within Richman Investments infrastructure must authenticate themselves by logging on to their User profile and entering their password. All Users must agree and adhere to the AUP-Acceptable Use Policy. The AUP is a policy that states what a user can or cannot do with information from Richman Investments. Failure to adhere to the AUP will result in disciplinary actions both in their profession as well as legal disciplinary actions. The workstation is where the User connects to the infrastructure. There are no personal or recording devices or removable media of any kind allowed at the workstation. Richman Investments will provide and devices and removable media themselves, also these devices are never to leave the premises. The infrastructure administrators will determine which......

Words: 317 - Pages: 2

Richman Investments “Internal Use Only” Data Classification Standard

...RICHMAN INVESTMENTS “INTERNAL USE ONLY” DATA CLASSIFICATION STANDARD Brief Report This Brief Report is to describe Richman Investments policy of “Internal Use Only” data classification standard. This document is to be used as an informational guide for any employee or third party representative who is to access any or all of Richman Investments internal data base information system. To access Richman Investments internal data base any user, employee or third party representative must agree to the acceptable use policy (AUP). “While confidential information or data may not be included, communications, documents or any data are not intended to leave the organization.” (Beecher, 2013) There are 3 types of IT infrastructure domains that are affected by the “Internal Use Only” data classification standard of Richman Investments listed as follows: User Domain is the first layer of the infrastructure and is defined as any person (single user) accessing Richman Investments internal data base information system who has agreed to the AUP. This Domain defines the user permissions. This is where the IT department defines what access each individual user will have on the network. This is considered to weakest link in the company’s infrastructure. Workstation Domain is the second layer of the infrastructure and is defined as the first access point to the Richman Investments internal data base information system, applications and data. This layer requires a login and password......

Words: 306 - Pages: 2

Internal Use Only

...Intern Douglas Jaycox I was asked to prepare a report concerning the “Internal Use Only” data classification standard set by Richmond Investments. This report will pertain to three layers of the IT infrastructure at risk concerning the Internal Use Only standard.. The first is the User Domain. The User Domain is the weakest link in the infrastructure Personal information is created at this layer of the infrastructure. That information can be used to obtain Internal Use Only information. The second is the Workstaion Domain. The Workstation domain is vulnerable due to the fact that it is where the user accesses the system, applications, and data for the company. You need login and password authentication to be allowed to access information. The third is the Remote Access Domain. At this layer security is very vulnerable due to wireless access. When using Remote Access more layers of security are needed to avoid someone intercepting the information sent over the Internet. By using Remote Access devices there are many ways that secure data can be compromised. In all of these areas login and passwords need to be used I also suggest using a second level of authentication by the use of security questions. After a specified number of failed attempts user should be locked out of system and an IT manager should be notified before access for that user is granted. VPN tunnels are another good thing to use because data is encrypted both going out and coming in. Above all......

Words: 299 - Pages: 2

Richman Investments "Internal Use Only" Data Classification Standard

...The "Internal Use Only" data classification standard at Richman Investments will include the most basic IT infrastructure domains to include the User Domain, Workstation Domain, and the LAN Domain. This will encompass all users and their workstations, as well their access to the internet and company server databases and any information in between. The User Domain will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data shall he or she have access to it. As well as with company users, any outside contractor or third-party representatives shall also need to agree and comply with the AUP. All users must be properly identified and sign this AUP prior to gaining any access whatsoever to the company network. No exceptions. Any violation will be taken up with company executives and/or the authorities to assess further punitive action. The Workstation Domain includes all workstations approved on the company network. No personal devices or removable media may be used on this network. All devices and removable media will be issued by the company for official use only. To access any workstation, a user will need to be first verified, then setup with an account to be logged in with a username and pass code adhering to the IT departments set standards. All systems will undergo regular updates and be provided with anti-virus and anti-malware software for system monitoring. Access Control Lists (ACLs) will be drawn up to appropriately......

Words: 482 - Pages: 2

Internal Use Only

...Investments “Internal Use Only” data classification policy applies to. “Internal Use Only” is used to classify any internal data shared within our organization that may or may not be confidential in nature but is not intended to leave the company. The three main domains affected by this policy are the User Domain, Workstation Domain, and the LAN Domain. The User Domain is anyone who accesses the company’s information system and is the weakest link in the infrastructure. Users will be strictly held to the acceptable use policy (AUP) which acts as a guidebook for what users are allowed to do with the company’s IT assets. Violation of the AUP can be grounds for immediate dismissal and/or legal actions. Any third party that may need access to our systems will need to adhere to these policies as well and will need to sign an agreement before any access is given. The Human Resources department will be responsible for ensuring that all employees have signed an agreement to the AUP. All employees must pass a background check and their identities verified by HR before any access to Richman’s systems are granted. The Workstation Domain is where most users will connect to Richman’s IT infrastructure. This includes all desktops, laptops, PDAs, smartphones, and tablets. No personal devices or removable media will be allowed to connect to Richman’s system. Any devices or removable media needed to conduct business will be issued by Richman’s IT department and be used for official matters......

Words: 365 - Pages: 2