Unit 3 Assignment 1: Analyzing the Critical Security Control Points The following is a listing of security control points that any company should look at as necessary areas for precaution and care. Information covered by each area will be what each area consists of, how it strengthens the company security and what could happen if these areas are not properly maintained. 1. Inventory of Authorized and Unauthorized Devices and Software – a listing of processes and tools used to track/control/prevent/correct network access by devices and software. Attackers are always looking for devices and software that are newly added to a system and not updated correctly with the security measures in place already.
Introduction to Programming NT1420 Unit 1 Assignment 1: Homework Short answer questions and answers: 1) Why is the CPU the most important component in a computer? The CPU is the part of the computer that actually runs the program. 2) What number does a bit that is turned on represent? What number does a bit that is turned off represent? A bit that is turned on represents the number 1.
COMPANY MERGER SCENARIO I understand that as we begin the transition of merging our two companies into one, there are many concerns. First, I need to know what operating system (OS) our new friends are using. I understand that they are using a directory service (DS), however, without knowing what type of DS they are using or what OS they are using, it is very hard to determine how to approach merging them with us. If they are using the same OS that we use, or even an older version of the Windows active directory (AD), the transition can be fairly seamless. Will the company we merge with be maintaining their existing network or will we be absorbing them into ours?
Because many information is stored in few places on the network machines, and many individuals has access to it, important is for organization to build the right architecture of needed database system and have the security policy in place before any of this will be used on a daily basis. The multilevel data distribution should be considered and have a few levels of security that allows not every individual access it to every data but only certain level of information. Architectural design plays important role in this step. Legal Issues Thinking about the legal issues can bring up many questions about what consequences may occur if the organization is not protected by the law in case of stolen data or attack to the database. One of the main issue that companies, individuals or database administrators can face or deal with when it comes to the database system is the copyright laws of the United States.
Some of the requirements would include strict control enforced via one-time password authentication or public keys with strong pass-phrases. Also, anyone trying to gain access must not be connected to any other network at the same time, aside from personal home networks under the user's complete control. Further, employees with access must not use email accounts other than the company's standards, so that personal use won't be confused with business. Users must have approved virus control and spyware protection in place on all devices accessing the company network. Remote access will be limited in certain areas, while at least Applications will be approved for access (Shared application data is an important part of Richman’s network).
Also we have introduced a warranty which guarantees a replacement phone if the screen does happen to shatter, however this is after paying a £30 insurance cost, and this insurance also covers the phone if it has a technical problem which is irreparable. We are not the only company to have a phone with this type of glass however we are unique in the fact that we will replace the phone if the insurance is taken out. Our new phone is targeted at people who are between the ages of 18 and 60, this is because we understand that people under the age of 18 are highly unlikely to be able to afford the product and people over the age of 60 do not normally require the features of our product. We also carried out a survey as to what people in what profession actually use our phone, we noticed that people like builders and plumbers etc. do not use our phones.
The deciding factor is the Clear View Laser Hardware and embedded software working together to provide the essential function. To label these items in any other form, than a software and non-software deliverables of a tangible product would require a stretch and leave the company vulnerable for further audit and investigation. So it is our conclusion that the maintenance and PCS would have to be packaged and sold together as one item and would not be able to be sold as separate
Every manufacturer in the market have their own operating system, now if Microsoft’s operating system becomes the standard in the next generation firms, then manufacturers are worried they will simply become assembly companies. Mobile phone companies use three major defence strategies (Shepherd, 2010, pp. 121) which are alliances, licensing and application. In terms of alliances, manufacturers pair up with other companies to produce and work together to put out mobile phones with their partner’s operating system. For example, a lot of the Nokia phones use the Symbian operating system in their phones and it seems that Nokia is the only company to have resisted making a deal with Microsoft.
Why you ask? Technology changes every day. There’s always something new out there that will determine whether or not this product is purchased or consumers decide to go with a competitor’s product instead. This I know will have a major impact of this type of product but regulatory trends I’m not sure of. The U-phone can help with politicians and legal people doing business from the comfort of their homes but I don’t know if this will last.
2.2 Addressing security and privacy issues Databases that contain information about stakeholders will be kept on a need to know basis, on a separate server with data encryption facilities. Data on access will be kept purely for security reasons to log possible cases of misuse and unauthorised access. Access will also be logged if a new entry is created, edited or deleted. All login data will only be accessible by staff that have a high level of security clearance. General data pertaining information on logins will only hold aggregate statistics such as the number of logins in a day and the number of failed logins.