In Module Four, you will submit 10 security policies as part of the planned solution to mitigate the 10 security gaps identified in the Case Document. There should be one policy per security gap identified in the Case Document. Consider policies that address topics such as remote access, encryption and hashing (to control data flow), auditing network accounts, configuration change management (to reduce unintentional threats), segregation of duties, mandatory vacation (to mitigate intentional threats), personally identifiable information breaches, media protection, and social engineering. This milestone focuses on security functionality, and each policy should be no longer than one page.
Specifically, the following critical elements must be addressed:
- What is your proposal for mitigating the identified human factors that pose a threat to the organization’s security posture? Describe the specific policies, processes, and practices that must be in place to address each of the following.
- Unintentional Threats: What strategies can protect against human errors made due to cognitive factors? What strategies can protect against human errors made due to psychosocial and cultural factors?
- Intentional Threats: What strategies can protect against social engineering?
- Data Flow: How do you make sure that the data sender and the data receiver have a sound connection? How do you ensure that data is not tampered with or altered from its intended meaning? What strategies do you propose to address poor communication?
What to Submit
Your paper must be submitted as a 10-page Microsoft Word document, with double spacing, 12-point Times New Roman font, and one-inch margins, in APA format. Each policy should be no longer than one page.
See attached Case document…