Assignment 3: Outline
a New IT Security Policy
Due Week 9 and worth 250 points
You have been hired by
the Board of Directors of RollinOn, Inc as the new
IT Security Manager. RollinOn is a designer of premade and custom designed skates and skateboards.
RollinOn has had some extreme growth in the area of
e-Commerce over the past couple of years due to the addition of their custom
design tools on their website. However, RollinOn has had
some internal security issues. RollinOn hs had some very lax policies allowing employees to
bring their own tablets and laptops, also known as bring your own device or
BYOD, and access social media on the intranet. The Web
application development team has increased in size and is also in need of sound
security practices. There have been several instances of downloaded malware and the company website has been hacked on at
least one (1) occasion.
Your main objective is
to create an outline of a new IT security policy regarding the company’s web
presence and lack of access control. Note: You may create and
/ or make all necessary assumptions needed for the completion of this
assignment.
Part I: Written
Section
Write a three to five (3-5) page paper in
which you:
1. Briefly explain the current state of Web
application security to the Board of Directors.
2. Describe the major potential security risks
associated with maintaining the organization’s Web presence, protecting its
assets, and promoting e-Commerce.
3. Assess any techniques and technologies that
you may need to use to mitigate those potential security risks.
4. Create an outline of your new IT security
policies for RollinOn. Be sure to relate your
policies to the potential risks.
5. Speculate on the most common types of
resistance that you might encounter from employees when implementing your new
IT policy.
6. Use at least four (4) quality references in
this assignment. Note: Wikipedia and
similar Websites do not qualify as quality references.
7. Format your assignment according to the
following formatting requirements:
a. Typed, double spaced, using Times New Roman
font (size 12), with one-inch margins on all sides.
b. Include a cover page containing the title of
the assignment, the student’s name, the professor’s name, the course title, and
the date. The cover page is not included in the required page length.
c. Include a reference page. Citations and
references must follow APA format. The reference page is not included in the
required page length.
Part
II: PowerPoint Presentation
Create an eight to ten
(8-10) slide PowerPoint presentation for the
Board of Directors in which you:
8, Outline the major components of your new IT security Policy.
Be sure to associate each policy with specific risks.
The specific course learning outcomes
associated with this assignment are:
·
Analyze the impact of
the Internet and Web applications on the business world.
·
Analyze the evolution
of social media, social networking, and the ethical issues they raise.
·
Compare and contrast
Web-based risks.
·
Analyze common Website
attacks, weaknesses, and security best practices.
Grading for this
assignment will be based on answer quality, logic / organization of the paper,
and language and writing skills, using thefollowing rubric.
