09 May Research Remote Access Policies: In this part of the lab, you will review internet resources on remote access policies in order to form a basis for their purpose and usag
Part 1: Research Remote Access Policies (0/1 completed)
Note: In this part of the lab, you will review internet resources on remote access policies in order to form a basis for their purpose and usage. Understanding the reason behind a remote access policy is key to understanding the component policies and procedures. Please take the time to review the research thoroughly and think through the concepts of the policy itself.
1. In your browser, navigate to and read the “Remote Access Policy” template at https://www.sans.org/information-security-policy/.
2. Using your favorite search engine, locate a remote access policy for a higher education institution.
3. Using your favorite search engine, locate a remote access policy for a healthcare provider.
4. Write a brief summary of the information during your research. In your summary, focus on the key elements of the remote access policy. You should also identify any unique elements of remote access policies for higher education and healthcare institutions. Be sure to provide links to the remote access policies you identified in steps 2 and 3.
Part 2: Create a Remote Access Policy (0/7 completed)Note: As you found in your research, different industries have similar but different policies. When using a policy template, it is important to ensure that the template matches the needs of your specific industry and business.
Review the following risks and threats found in the Remote Access Domain:
- The organization is a local credit union that has several branches and locations throughout the region.
- Online banking and use of the internet are the bank’s strengths, given its limited human resources.
- The customer service department is the organization’s most critical business function.
- The organization wants to be in compliance with the Gramm-Leach-Bliley Act (GLBA) and IT security best practices regarding its employees.
- The organization wants to monitor and control use of the internet by implementing content filtering.
- The organization wants to eliminate personal use of organization-owned IT assets and systems.
- The organization wants to monitor and control use of the e-mail system by implementing e-mail security controls.
- The organization wants to implement security awareness training policy mandates for all new hires and existing employees. Policy definitions are to include GLBA and customer privacy data requirements, in addition to a mandate for annual security awareness training for all employees.
- 1. Identify a security control or countermeasure to mitigate each risk and threat identified in the Remote Access Domain. These security controls or countermeasures will become the basis of the scope of the Remote Access Domain policy definition to help mitigate the risks and threats commonly found within the Remote Access Domain.
- 2. Review the following characteristics of the fictional Healthwise Health Care Provider:
- Healthwise has several remote health care branches and locations throughout the region.
- Online access to patients’ medical records through the public Internet is required for remote nurses and hospices providing in-home medical services.
- Online access to patients’ medical records from remote clinics is facilitated through a virtual private network (VPN) and a secure web application front-end over the public Internet.
- The organization wants to be in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and IT security best practices regarding remote access through the public internet.
- The organization wants to monitor and control the use of remote access by implementing system logging.
- The organization wants to implement a security awareness training policy mandating that all new hires and existing employees obtain remote access security training. Policy definition is to include HIPAA and electronic protected health information (ePHI) security requirements and a mandate for annual security awareness training for all remote or mobile employees.
- 1. Create an organization-wide remote access policy for Healthwise Health Care:
Healthwise Health Care
Remote Access Policy for Remote Workers and Medical Clinics
Define your policy verbiage.
Define the policy’s purpose as well as its objectives and policy definitions
Define whom this policy covers and its scope. What elements, IT assets, or organization-owned assets are within this policy’s scope?
Does the policy statement point to any hardware, software, or configuration standards? If so, list them here and explain the relationship of this policy to these standards. In this case, Remote Access Domain standards should be referenced, such as encryption standards and VPN standards; make any necessary assumptions.
Explain how you intend to implement this policy for the entire organization.
Explain any roadblocks or implementation issues that you must overcome in this section and how you will surmount them per defined guidelines. Any disputes or gaps in the definition and separation of duties responsibility may need to be addressed in this section.
Challenge Exercise Note: The following challenge exercise is provided to allow independent, unguided work – similar to what you will encounter in a real situation.
For this portion of the lab, you will create training documentation for remote employees of Healthwise Health Care. This training will provide remote employees with methods they can use to secure their home network before connecting a company computer, as well as guidance on how to access the corporate network while traveling.
Use the internet to find information about remote access policies and home network protection, and then use this information to create a training document for remote employees.
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteEdu. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.
Do you need help with this question?
Get assignment help from WriteEdu.com Paper Writing Website and forget about your problems.
WriteEdu provides custom & cheap essay writing 100% original, plagiarism free essays, assignments & dissertations.
With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Chat with us today! We are always waiting to answer all your questions.