Outline A New IT Security Policy Due Week 9 And Worth 250
Assignment 3: Outline a New IT Security Policy
Due Week 9 and worth 250 points.
You have been hired by the Board of Directors of RollinOn, Inc. as the new IT Security Manager. RollinOn is a designer of premade and custom-designed skates and skateboards. The company has experienced significant growth in e-Commerce activities, especially with the addition of their custom design tools on the website. However, the organization has encountered internal security issues, including lax policies allowing employees to bring their own tablets and laptops (BYOD) and access social media on the intranet. Additionally, the web application development team has increased in size and requires sound security practices, especially given previous incidents of malware downloads and a website hack.
The main objective of this assignment is to create an outline of a new IT security policy focusing on the company’s web presence and access control issues. You may make necessary assumptions for this task.
Part I: Written Section
Write a three to five (3-5) page paper that covers the following components:
- Current State of Web Application Security: Briefly explain the current security landscape concerning web applications, emphasizing common vulnerabilities, recent threats, and overall security challenges faced by organizations like RollinOn.
- Security Risks Associated with Web Presence and E-Commerce: Describe the major potential security risks such as data breaches, hacking, malware, social engineering attacks, and insider threats that could impact the organization’s web assets and e-Commerce operations.
- Mitigation Techniques and Technologies: Assess and recommend strategies, tools, and technologies—such as firewalls, intrusion detection/prevention systems (IDS/IPS), SSL/TLS encryption, secure coding practices, and regular vulnerability assessments—to mitigate identified risks effectively.
- Outline of New IT Security Policies: Develop a comprehensive outline for organizational policies that address access control, acceptable use, device management, incident response, and other relevant security measures. Tie each policy component directly to specific risks outlined earlier.
- Potential Employee Resistance: Speculate on common forms of resistance or challenges that might arise from employees when implementing these new policies, such as reluctance to comply due to inconvenience or lack of awareness.
Include at least four (4) credible references, excluding Wikipedia or similar sources. Ensure the formatting adheres to APA style, with proper citations and a reference list.
Part II: PowerPoint Presentation
Create an eight to ten (8-10) slide PowerPoint presentation for the Board of Directors that:
- Summarizes the major components of your new IT security policy.
- Associates each policy component with specific organizational or web application risks.
The presentation should be clear, concise, and visually engaging, serving as a summary and visual guide of the detailed policies outlined in Part I.
Note:
All responses should demonstrate critical analysis, clear organization, professional language, and adherence to APA formatting guidelines. The work will be evaluated based on answer quality, coherence, and adherence to assignment instructions.