Legal Issues in Information Security

14
Executive Summery on Risk Mitigation
Unit 9 ASSIGNMENT 1

ASSIGNMENT The protection of records that pertain to students is crucial in ensuring that their safety is not compromised. In doing so the following three things must be addressed in a very detailed and stringent manner. Confidentiality, Integrity, and Availability. These three facets of security are detrimental in the handling of information, whether it is student records or bank transaction records. C-I-A is a good practice when maintaining information and insuring the proper handling of said information. We will discuss here how C-I-A combined with FERPA will help to reduce mishandling and misuse of information, and how to deal with breach and loss as well. The confidentiality of information is vital to keep your students anonymity on line. Confidentiality means that only people with the right permissions can access and use the information. To ensure the confidentiality of the information, the location that it is stored will be secured by password protection. The principle of least privilege will be used as well in determining who has access to the information as well. Physically there will be endpoint encryption as well. All data that is stored in the servers will be encrypted as well. The integrity of the information is vital to ensure that any tampering of the information can be readily detected if it should occur. The integrity of the information is defined by its trustworthiness and completeness of the information as well. The integrity of the information is kept by ensuring the information stay in its initial state. Any and all changes to the information need to be documented and the parties involved and the owner of the information needs to be notified of the changes made. Any movement or copying of the information needs to be documented as