Carefully draft 4-5 paragraphs summarizing the knowledge gained in operation security. What did you not know prior to the course? (Security Policies and Implementation Issues) What information do you see that you can immediately start using? What would you change in future in the course?
The purpose of this response plan is to ensure that IT-related incidents are reported in a timely manner and addressed accordingly. The response policy outlines the procedure that should be followed in reporting any identified incident of concern.
This policy applies to all users of the healthcare facility. This includes employees and all relevant stakeholders. The users will be required to report actual and suspected IT incidents. The response policy will cover all IT incidents relating to the healthcare server, mainframe, RSA user access and the entire ICT system.
Incident reporting process
Step 1: Contacting the IT help desk
Any user who notices an IT incident is required to contact the IT help desk. The IT desk representative will then log the details of the caller, time, nature of incident, location and type of equipment involved and how the incident was discovered.
Step 2: IT representative contacts response team
The IT help desk will contact the response team from the stored list of personnel. The help desk representative should provide the response team with the collected information, so as to be able to locate the equipment or area of action.
Step 3: Determination of the appropriate action strategy
Depending on the nature of the incident reported, the response team member may decide to respond alone or consult the other members of the team. The key areas the officer should consider include: urgency, potential damages, whether the threat is real or perceived, what systems are affected or targeted, whether the response alerts the attacker, and type of incident (e.g. virus, intrusion, damage, worm), among others.
Step 4: Creating incident ticket
The incident ticket should contain key details such as the level of threat of the incident: whether high, medium or low. Priority of response should be assigned based on the levels above, with the threat of high level given urgent response.
Step 5: Investigation into the incident
The response team should investigate the issue, including looking at the logs, to determine how the incident occurred. In case of intrusion, the IT personnel should investigate the loopholes used by the intruder. If any witnesses are available, they should be interviewed to get insight on how the incident occurred. All available investigation techniques should be embraced to come to the root of the incident.
Step 6: System restoration
The response team will work to restore the system to a working state. This involves repairing or replacing any damaged parts of the system.
Step 7: Recommendation for change or improvement
The response team should give a report based on their evaluation of the incident. This should outline the root cause of the problem, and what measures should be put in place to avoid a repeat of the incident.
Step 8: Post-mortem review of the response and updating of policies
The incident response should be evaluated to determine if it was capable of curbing the menace in expected time. Recommendation for improvement (if any) should be made to ensure that future responses work perfectly.
Definition of key terminologies
IT incident – refers to any unplanned interruption of the functioning of all or part of the IT system. This may result in complete failure or a poor quality service from the system.
IT security incident – refers to anything that poses a security threat to the IT system, such as that which would lead to breach of privacy, loss of data, malfunctioning of software due to virus attack etc.
Computer Incident Response Team – a team of IT specialists who remain on standby to attend to any issue that may arise in the computer systems as the general users use them.
Purpose & Scope
The policy opens with the explanation of the purpose and scope. These are termed as essential in any policy by Whitman & Mattord (2017), in their book, “Management of Information Security.” According to the authors, it is important to explain why the policy is important and what it would entail. In the policy prepared, the purpose of the policy (plan) was explained: it would enable quick reporting of the IT incidents that may emerge in the healthcare environment from time to time. Under the scope, it is explained that all users would be required to play a part in the reporting of the incidents as they occur.
The identification of the procedure that needs to be followed in reporting IT incidents is important. This makes every stakeholder aware of his/her roles in the reporting of IT incidents, and most importantly, to whom such incidents should be reported. The policy clearly outlines the steps to be followed in reporting and responding to the incidents. It also outlines the key considerations at each stage, as well as the key details that the relevant person should seek to get. For instance, when a user calls the IT desk, a log entry should be made, containing details of the caller and the incident reported. This ensures a quick identification of the problem and response.
Incident severity ranking
Nozaki & Tipton (1998) outlined incident ranking on the basis of severity as key to any effective response policy. According to them, incidents should be ranked on severity as high, medium or low. This helps the response team in setting priority, in case several incidents occur concurrently. In the policy developed for the healthcare facility, all reported incidents should be ranked based on their degree of severity.
Nozaki, M., & Tipton, H. (1998). Handbook of information security management. Boca Raton: Auerbach.
Whitman, M., & Mattord, H. (2017). Management of information security. Boston, MA: Cengage Learning.
This is what I gave on my last assignment
After the merging of two health care organizations, a cell phone use policy has to be introduced immediately to enable communication between the two groups. HIPAA compliant, which is a parent organization, is a hierarchical structure which follows a layout of a pyramid, while the other organization is a flat structure, hence no level of management between the staff. The two structures, both hierarchical and flat, are essential while considering cell phone policy in the merged organizations. A flat organization involves less employee supervision, but employees are allowed to take an active part in the decision-making process. On the other hand, a hierarchical structure takes active supervision, where employees at staff level take a role of guiding those at the bottom level of the pyramid. As such, the two structures should be considered to make major refinements to the organization’s cell phone use policy (Chiou & Cheng, 2013). The outlined company policy will not focus on set expectations from the employees but will address significant issues of security, safety and enhancing privacy in the organization. Employees in both organizations should be advised to follow some policies to improve successful cell phone communication. All workers are required to be conscientious and professional every time they are using company cell phones.
The first policy will be phone usage within organization premises. Employees should gain an understanding that organization cell phones are used for business purposes only. Furthermore, they should make efforts to ensure they don’t exceed the set minutes allowed for mobile communication. In both flat and hierarchical structures, the information communicated should be precise to avoid additional cell phone charges (Wei & Leung, 2009). To ensure this policy is followed, cell phone plans should be reviewed after every two weeks or month to ensure employees do not exceed the contracted allowed minutes. However, those who have exceeded the allotted minutes should be subjected to additional usage review.
The next policy will be cell phone usage while driving. Since this policy will be crucial, the organization will have zero tolerance to ensure workers’ safety. Alternatively, to ensure employees who use company vehicles are safe, it is imperative for them to pull over and stop to receive a phone call (Prensky, 2015). They should stop at a safe location to get the message clear without disturbances to enhance good team player qualities. Moreover, in a safe location, a driver can dial, converse or receive on the cell phone in any way. Failure to follow this policy will attract disciplinary action, termination being one of them.
Representatives may convey and utilize individual mobile phones while at deal with a sporadic premise. If a representative’s utilization of an individual wireless causes interruptions or misfortune in efficiency, the worker may become subject to disciplinary activity per organization approach (Prensky, 2015). Division supervisors maintain whatever authority is needed to ask for that the worker give mobile phone bills and utilization reports for calls made amid the working hours of that representative to decide whether utilization is unnecessary.
There are challenges that need to be overcome while using cell phones in the workplace and following the laid down policies. Cell phones in the workplace should not be used for private purposes but only for organization business purposes. Whoever is caught using cell phones for private use will be fined and restricted from using company cell phones (Chiou & Cheng, 2013). Moreover, personal cell phones should not be used during work hours or official meetings, failure to which will attract disciplinary actions. Employees should not disturb their colleagues while on cell phones. They should keep a low voice to prevent public nuisance. In both structures, flat and hierarchical, employees should be supervised in how they use their cell phones because they are essential for communication purposes.
Chiou, J. S., & Cheng, C. (2013). Should a company have message boards on its web sites?. Journal of Interactive Marketing, 17(3), 50-61.
Prensky, M. (2015). What can you learn from a cell phone? Almost anything (Vol. 1, No. 5). Innovate.
Wei, R., & Leung, L. (2009). Blurring public and private behaviors in public space: policy challenges in the use and improper use of the cell phone. Telematics and Informatics, 16(1), 11-26.
This was also my assignment, so can you keep these in mind when you write, because I wrote this.
Can you consider this, as I wrote these?