Computer Security Corporate Security Documentation Suitable for Essay

Download this Essay in word format (.doc)

Note: Sample below may appear distorted but all corresponding word document files contain proper formatting

Excerpt from Essay:

Computer Security: Corporate Security Documentation Suitable for a Large Corporation


(I) in-Depth Defense Measures

(II) Firewall Design

(III) Intrusion Detection System

(IV) Operating System Security

(V) Database Security

(VI) Corporate Contingency of Operation

(VII) Corporate Disaster Recovery Plan

(VIII) Team Members and Roles of Each

(IX) Timeline with Goal Description

(X) Data Schema

(XI) Graphical Interface Design

(XII) Testing Plan

(XIII) Support Plan

(XIV) Schematics

Computer Security: Corporate Security Documentation Suitable for a Large Corporation

(I) In-Depth Defense Measures

Information Technology (IT) Acceptable Use Policy

The intentions of IT for the publication of an Acceptable Use Policy are to ensure that non-restrictions are imposed that are not contrary to the organizations' culture of openness, integrity and trust. IT has a firm commitment to the protection of the company's employees, partners and the company from any individuals that are illegal or that would otherwise cause damage with or without knowledge or intent to the following:

Internet/Intranet/Extranet-related systems, including but not limited to computer equipment, software, operating systems, storage media, network accounts providing electronic mail, WWW browsing, and FTP, are the property of the company and these systems are to be used for business purposes in serving the interests of the company, and of our clients and customers in the course of normal operations.

Required in the effective security initiative is a team effort with full participation and support of each company employee. Each individual in the company that uses a computer has a responsibility to be aware of the guidelines and to follow these guidelines.

The purpose of this publication is to outline the appropriate use of computers in the organization. These rules are for the purpose of protecting the employee and the company against virus attacks and network systems services and to avoid legal situations. This policy is applicable to employees, contractors, consultants, temporaries and any other workers with this organization. Furthermore, included are personnel affiliated with other or third parties.

General Use and Ownership

Good judgment is required to be exercised by all employees and individual departments are responsible for development of guidelines on the personal use of the Internet/Intranet/Extranet systems. Any sensitive information or information considered vulnerable should be encrypted. The network may be monitored by authorized persons including equipment, systems and network traffic at any time for security purposes.

Security and Proprietary Information

The user interface for information included on the related systems will be classified as confidential or alternatively as non-confidential. Confidential information includes but is not limited to the following:

(1) company private information;

(2) corporate strategies;

(3) competitor sensitive information;

(4) trade secrets;

(5) specifications;

(6) customer lists; and (7) research data.

All PCs, laptops and workstations of the company will be security with a password-protected screensaver with automatic activation feature set for ten minutes or less or through logging off when the host is to be unattended. All host computers used by employees in conducting business for the company shall be equipped with an anti-virus program. Activities that are prohibited in general include any activity deemed illegal by local, state, federal or international law. Activities that are strictly prohibited include:

(1) violations of the right of any individual or company protected under copyright, trade secret, patent or other type of intellectual property including any similar laws or regulations.

(2) unauthorized copying of copyrighted material -- this includes photographs from magazines, books or other sources under copyright protection as well as music and any copyright software.

(3) exporting software, technical information, encryption software or technology in violation of international or regional laws controlling exports.

(4) introducing programs that are malicious into the network or server that contain any types of virus, worm, Trojan horse, email bomb or any other type of threat;

(5) revealing their password to others or allowing use of their account by others.

(6) Using the company computer or system to engage in the procurement or transmission of material that violate sexual harassment or hostile workplace laws in the jurisdiction of the company or the user.

(7) Making fraudulent offers relating to products, services, or items that originate from any company account.

(8) making statements concerning express or implied warranties unless that is part of the individual normal and regular tasks with the company.

(9) Committing breaches of security or network communication disruptions.

(10) Scanning ports or security scanning is prohibited unless IT is first informed.

(11) Execution of any type of monitoring on the network that will intercept data not intended for the host of the employee is prohibited.

(II) Firewall Design

The Network Support Organization maintained firewall devices are required to be configured adhering to least-access principles and the organization's business needs. The firewall device is required to be the only access point between the host computers and the company's networks and the Internet. Any type of cross-connection bypassing the company's firewall device is prohibited.

Changes to the original firewall configurations are required to be reviewed and approved by company IT and this includes both general configurations as well as rule sets. If additional security measures are needed these may be instituted by IT for the company. All routers and switches that are not testing or training utilized are under a requirement to conform to the company router and switch standardization documents. All operating systems of host computers internal to the company must be configured to the secure host installation and configuration standards.

Current applicable security patches and hot-fixes for applications that are Internet services must be applied and administrative owners groups must have procedures in place to stay current on the patches and hotfixes that are appropriate. All applicable security patches and hot-fixes that the vendor recommends are required to be installed. Services and applications that are not serving requirements of the company should be disabled.

Company information that is confidential is prohibited to be kept on host computers where company personnel have physical access as required by the information sensitivity classification policy for the company. Remote administration has a requirement of being performed over channels that are secure through use of encrypted network connections.

(III) Intrusion Detection System

The company network will be inclusive of an intrusion detection system (IDS) for the purpose of monitoring network traffic and monitoring for suspicious activity. Should the system detect such incidences the network administrator will be notified. The intrusion detection system utilized by the company will be a network based (NIDS) intrusion detection system. In addition, the company's host computers will have host intrusion detection systems (HIDS) installed for the purpose of monitoring the inbound and outbound packets from the device and which will alert the network administrator should any incidences occur.

Included in the intrusion detection system for the company is a signature-based IDS and an anomaly-based IDS. The signature-based IDS monitors network packets and conducts a comparison of these against a database of signatures from known malicious threats while the anomaly-based IDS will monitor the network traffic and conduct comparison of it against an established baseline that identifies 'normal ' network activity.

(IV) Operating System Security

The work of Heidari (2011) states that operating system security "revolves around the appropriate protection of four elements:

(1) confidentiality;

(2) integrity;

(3) availability; and (4) authenticity.

Confidentiality and integrity "deal with the three important roles of:

(1) protection models;

(2) capability; and (3) assurance. (Heidari, 2011)

Multiprogramming includes resource sharing among users including memory sharing, sharing of I/O devices as well as sharing of programs and data. The Operating System for the company should offer protection that is based on shared access through access limitation involving the operating system (OS) checking the permission levels of each access according to the specific users and the specific object thereby acting as a guard between users and objects and ensuring that the only accesses to occur are those properly authorized. The access control that will be utilized will be 'user-oriented access control' or 'authentication. This is the most commonly used technique for user access control and required an ID and Password.

File sharing will involve several access rights:

(1) reading;

(2) appending; and (3) updating.

These access rights will be granted to different classes of users. When access is granted to more than one individual users to make changes or updates to a file the operating system will enforce discipline with the approach allowing the user to lock the file when it is updated.

The work of Heidari states that there are five common security problems in regards to the operating system including:

(1) improper input validation;

(2) weak cryptographic algorithms;

(3) weak authentication protocols;

(4) insecure bootstrapping; and (5) mistakes in configurations

The first four are such that have a "technical or system-related basis, while the latter is related to organizational problems or management." (Heidari, nd) Therefore, these common security problems must be guarded against by the network administrator and IT department.

(V) Database Security

The largest concern for the system administrator at the server level is that of security because this is where all the action takes place. Microsoft SQL Server…[continue]

Cite This Essay:

"Computer Security Corporate Security Documentation Suitable For" (2012, April 28) Retrieved October 27, 2016, from

"Computer Security Corporate Security Documentation Suitable For" 28 April 2012. Web.27 October. 2016. <>

"Computer Security Corporate Security Documentation Suitable For", 28 April 2012, Accessed.27 October. 2016,

Other Documents Pertaining To This Topic

  • Security Agip Kazakhstan North

    They need to know what their responsibilities are not only as individuals but also as team members and corporate employees. David cites an excerpt from a corporate security document that illustrates his point: "A security policy serves many functions. It is a central document that describes in detail acceptable network activity and penalties for misuse. A security policy also provides a forum for identifying and clarifying security goals and

  • Security Issues of Online Communities

    This researcher rejects the existence of online communities because computer mediated group discussions cannot possibly meet this definition. Weinreich's view is that anyone with even a basic knowledge of sociology understands that information exchange in no way constitutes a community. For a cyber-place with an associated computer mediated group to be labeled as a virtual settlement it is necessary for it to meet a minimum set of conditions. These are:

  • Building a Company

    planning, assessment and measurement of proposed idea plays the most important role. Steve Jobs, Michael Dell and Bill Gates are renowned names for their ideas in computer businesses. But in fact there is no mystery behind any successful business; just you need is the right procedure and decisions to follow. Preparing a business model is the first step towards the path of successful business. However, before you start developing model

  • Data Warehouse a Strategic Weapon of an Organization

    Growth Aided by Data Warehousing Adaptability of data warehousing to changes Using existing data effectively can lead to growth Uses of data warehouses for Public Service Getting investment through data warehouse Using Data Warehouse for Business Information Ongoing changes in Data Warehousing The Origin of Data Warehousing and its current importance Relationship between new operating system and data warehousing Developing Organizations through Data Warehousing Telephone and Data Warehousing Choose your own partner Data Warehousing for Societal Causes Updating inaccessible data Data warehousing for investors Usefulness

  • Presence of Multiple Views and

    However, the researchers can visualize the 'holistic' strategies even involve wide scope for utilization of computing resources as the basic instruments for collection and analyzing the data. (Willis; Jost, 2000) The usage of computers has played a significant role in quantitative research; likewise they have the ability to offer considerably to qualitative research. The quantity of data that is regularly gathered is the main restriction in carrying out successful qualitative

  • Cross Platform Mobile and Web

    82). Both desktop and Web widgets have the same basic components. Fundamentally, they use Web compatible formats, even if intended to run in a desktop environment. This means that the core of the widget is HTML and CSS code which contains the actual content of the widget, namely text, linked images/video or content pulled from a server of Web service. Alternatively, the widget content can be created using Flash, although

  • Wireless Broadband Technology

    Wireless Broadband Technology Overview of Wireless technology Presently it is quite evident to come across functioning of a sort of wireless technology in the form of mobile phone, a Palm pilot, a smart phone etc. With the inception of fast connectivity in the sphere of commerce it is customary and useful to operate from central locations communicating with the remote branches, conducting conferences in remote places, discussing with every body at every

Read Full Essay
Copyright 2016 . All Rights Reserved