Case Study: San Diego Security Company

SCENARIO

ESSENCE OF THE CASE

Here are the essential elements in this case:

  • Describe the key points to consider when protecting information. For each point, describe how you would determine the possible vulnerabilities.

  • Because you are new at San Diego Security Company and must understand how it implements security, what documentation should you review first? Why?

  • Describe the steps you would take to assess and evaluate the company's assets.


San Diego Security Company has just hired you as its IT security administrator. Your first task is to evaluate the security infrastructure at the company.

As you begin your duties as the security administrator, a user requests permission to gain access to the network server from her home. How do you determine whether to allow this practice? Who should be involved in making the decision? Describe what steps you should take in this situation.

ANALYSIS

You must perform a risk/benefit analysis to properly answer this question. You need to consult with the user and determine why she needs access from her home and what benefit it will have for the business. For example, it may only be so that she can check her email. On the other hand, it might be to perform critical administrative tasks that would otherwise require a 45-minute commute to the office to make a 5-minute fix.

You also need to speak with her supervisor and members of your management chain. Present the pros and cons to them and make a recommendation based upon your assessment of the risk of allowing outside access weighed against the possible benefits to the organization.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.117.153.241