I need help with the following: In this lab, you create a corporate policy for t
ID: 3849739 • Letter: I
Question
I need help with the following:
In this lab, you create a corporate policy for the management and use of laptops.
1. Review the following background information about the hypothetical company for which you will design a laptop policy.
· The Acme Printing and Publishing Company has corporate offices in New York City and regional offices in Scranton, Buffalo, and Baltimore. The company designs and prints internal publications for large corporations and for various U.S. government agencies. Much of the work product is considered highly classified by the company’s clients, and the Acme Information Technology and Security departments implement strong access controls.
· There are 250 employees in the corporate office and 75 employees in each regional office.
· Top-level management has decided to issue company laptops to 100 users (executives, quality control, and sales employees).
· The company laptops will be used to connect (a) to the corporate network via wired or wireless connections when in corporate locations, (b) to the Internet through an Internet service provider with which Acme has contracted, and (c) to the corporate network via VPN from remote locations.
· All laptops will run Windows 7 Enterprise Edition, Microsoft office 2010, and several line-of-business applications. All network servers run Windows Server 2008.
2. You are tasked with developing a policy that governs the management and use of laptops. Consider both the company background described in Step 1 and what you have learned about information security during your security course. Take into account threats, risks, vulnerabilities, consequences (should a threat occur), and available security controls. Be sure to consider both technical (enforceable) and social (unenforceable) controls. Consider methods to assure compliance with your policy. Create an outline for the security section of the laptop policy. You should break the security section into specific areas, such as Physical Security, Access Control, and so on. For example, one of the entries under the Physical Security heading might be “All laptops will have a bar coded identification tag firmly affixed.”
Create the outline for your laptop policy using sources such as your course textbook and the lnternet. Only when you have completed your policy outline should you go on to Step 3.
3. Do not continue with this step until you have completed Step 2. Your laptop policy has been implemented and the company laptops have been issued. Your manager informs you that the following issue has been reported. A company sales employee, who was onsite at a client company’s location, connected his laptop to the client’s network to download documents and the proprietary software program required to view them. The employee was unable to install the program and got an error message stating that he did not have the rights required to install the program and referring him to the Acme systems administrator.
Does your laptop policy address this issue? If not, revise your policy so that it does. If so, was the response the user received when trying to install the software consistent or inconsistent with your policy?
4. Several weeks later your manager reported another incident. An employee used her company laptop to connect to a wireless hot spot at a coffee shop in an airport. The next day, she reported that her laptop was behaving oddly; programs were taking a long time to run, and when working on a Microsoft Word file, the document suddenly went blank and the file, which she was sure she had saved earlier, could not be found on her system. Later, from her home, she connected to the corporate network through her VPN connection. The next day, the log files of the remote access server and of the antivirus hardware/software showed that her laptop had been infected by a well-known virus and that an attempt had been made, during her VPN connection the previous day, to infect her office workstation with the same virus. The employee was clearly distraught, and there is no suspicion that this was a deliberate attack on her part.
Does your laptop policy address these issues? If not, revise your policy so that it does. If so, was the user's experience with the use of the wireless hot spot and the infection of the laptop by a well-known virus consistent with your policy? Does your policy address the attempt by the laptop to infect the employee's office workstation via the remote access server? If not, revise your policy so that it does. If so, was the outcome consistent with your policy?
5. Submit your laptop policy outline (including revisions based on steps 3 and 4) to your instructor.
Explanation / Answer
1.The background of the company states that the employee require an high end processor laptops because they are working in corporate where every second counts and hence, getting the laptop hanged out or certain issues will only degrade the quality of time used in the office by each employee.
2. Policy For Governing The Use Of Laptops:
The security issues to focus on when working on the organizations network are as follows:
3. The issue that has been reported consist of the problem in the access security. The policy which regards that all the administrator rights will not be available to anyone. To overcome issues like stated above we have set an helpline number in which the employee can call whenever he needs to do some actions which require the administrator rights.
Checking For Things At Administrator Side
4. As we can see clearly the employee when connected to the cafe's WIFI he/she has an affected computer from possible virus , malware , etc. For , fighting with such issues the company's employee must report this issue to the manager and get the laptop for the checkup with the security expert so that they can get through this situation.
5. The final list of policies for the laptop are as follows:
Please rate the answer if it helped....Thankyou
Hope it helps....