Question

Yummy Good Treats has a number of traveling salespeople who cover territories throughout the Midwest. These employees use laptops with wireless Internet connections and mobile phones to communicate with the home office. They use these devices to retrieve confidential price lists and inventory information from headquarters. The salespeople need access to the information while they’re on the road. They also prepare customized quotes for each client and forward them to the home office for review prior to e-mailing or hand delivering them to the potential client. The company provides access through a Virtual Private Network (VPN). All employees are required to use the VPN when accessing company systems and data remotely.
You were given the task to help draft an information security standard. The organization is especially concerned about the need for maintaining the confidentiality of their pricing information (both on the price list and in quotes prepared for individual clients). You have been tasked with the responsibility of developing the first draft of a security standard document that governs the use of wireless devices and technology by the traveling salespeople. Your supervisor has explained to you that she recognizes that organizations usually develop individual wireless device standards and confidentiality standards but stressed the importance of including all of this information in a single document. She also reminded you that the majority of the sales force is not technically proficient and they are not likely to read a document that exceeds three pages in length.
Using the slides and the NIST SP 800-46* as references, prepare a security standard document that meets the requirements of Yummy Good Treats in a clear, concise manner. While writing the document, keep in mind the business needs of the organization and the target audience for your writing. Remember, the NIST SP is far to lengthy for our purposes, but it has some good information in it. Your standard should include the following sections:
 Statement of Standard
o Scope and applicability
o Definition of technology
o Responsibilities
 Authorized Access and Use of Equipment and Resources
o User access
o Appropriate use of systems and data
o Protection and privacy
 Prohibited Use of Equipment and Resources
o Disruptive use or misuse
o Criminal use
o Offensive or harassing materials
o Copyrighted, licensed, or intellectual property
o Other restrictions
 Systems Management
o Management of stored materials
o Employer monitoring
o Malware protection
o Physical security
o Encryption
 Violation of Policy
o Procedures for reporting violations
o Penalties for violations

References:
* NIST SP 800-46 Rev. 1 – Guide to Enterprise Telework and Remote Access Security

Solution Preview

This material may consist of step-by-step explanations on how to solve a problem or examples of proper writing, including the use of citations, references, bibliographies, and formatting. This material is made available for the sole purpose of studying and learning - misuse is strictly forbidden.

Statement of Standard – the present document intends to highlight the importance of ensuring security of communication for remote connections used between main network facility from Yummy Good Treats and its teleworkers. It is organized as main guideline for creation and implementation of security policies that govern the maintenance of the most appropriate controls for secure remote access to sensitive resources. ...

This is only a preview of the solution. Please use the purchase button to see the entire solution

Assisting Tutor

Related Homework Solutions

Cell Site Analysis
Homework Solution
$18.00
Cell
Site
Analysis
Phone
Forensic
Map
Tower
Geographical
Time
Call
SMS
Service
Law
Enforcement
Suspect
Crime
Expert
Witness
Court
Company
Equipment
CAMP
CDR
Record
Cellular
Two Information Security Questions about Authorization Types and Malware Analysis
Homework Solution
$20.00
Authorization
Malware
Plumbing
Contractor
Role
RBAC
Inventory
Database
Part
System
Payable
Clerk
Installation
Foreman
Acess
Read-only
Read-write
CodeRed
ILOVEYOU
Nimda
MyDoom
Payload
Spread
Trigger
Condition
Damage
Strategy
Miti
Digital Forensics FISA Assignment
Homework Solution
$20.00
Digital
Mobile
Forensics
FISA
Report
US
Department
Justice
Congress
FISC
Application
Access
Calendar
Year
Request
National
Security
Letter
Authorities
Attorney
General
Surveillance
Appeal
Judge
Patriot
Act
District
Columbia
Pre
Get help from a qualified tutor
Live Chats