Hawaii Medical Systems, health and medicine homework help

May 3rd, 2016
Art Design
Price: $25 USD

Question description

You are an information security consultant and have recently been hired by a new client to update their information security program. Submit your final report as a .doc or .docx attachment 

Hawaii Medical Systems has grown by acquisition over the last five years. They operate two hospitals and four doctor’s offices in the island of Hawaii  area. They have managed information technology in an ad-hoc manner for years and have recently hired a Chief Information Officer who is pushing for a centralized data center to support the IT needs of organization; he has limited experience in information security, so Hawaii Medical System has hired you to fill in the gap. There is no one dedicated to security, no security awareness program, no dedicated security hardware or software (other than client managed anti-virus), and no one has examined potential regulatory issues that may impact Hoosier Medical Systems.

The doctor’s offices are running a mix of Windows XP, ME, Vista, and 7. There is no standard build, one of the two part-time IT staff members usually buy new workstations as needed from alibaba.com. They also have wireless at most offices for the doctor’s to use their personal laptops in patient rooms without the need to plug into the live network jack in every room, they often bring their laptops home to review patient records and for general personal use. Each office handles their own billing and accept credit cards via a single Hawaii  Medical System website or over their VoIP phone system. Each office has a file server, domain controller, network switch, and router directly connected to the Internet. The router has an ACL limited some network protocols. They send and receive some information between the two hospitals, including patient records, payroll, billing information, and other administrative data.

The hospitals have a larger and slightly better managed technology infrastructure. They have a small network room which was a janitor closet. Each floor has its own network hub which connects all workstations together. All departments use the same file server, but the finance department has created a shared folder limited to just their department.

The new CIO plans to completely rebuild the infrastructure, starting with a new high availability data center. He wants to re-architect and centralize data storage, applications, device management, etc. He’s not convinced that he needs to do much with the workstations at each site, but employees complain about lack of technical support and sporadic malware infections – they all have administrative rights.  He would like your perspective on the workstation issue, architecture suggestions, and anything else that they should consider when redesigning their IT infrastructure.

Your assignment is to document recommendations based on the scenario provided. Begin with the first section we covered Building a secure organization   and suggest a governance model for the Hawaii  Medical System’s new information security program. . Think about the attacker methodology, but this is not an incident response scenario. You may suggest an annual penetration test, but there’s no need to go into specific detail. Your final report should be 4 pages, single spaced (excluding diagrams if you choose to include them). 

Tutor Answer

(Top Tutor) chemtai
School: UC Berkeley

please find the attached file. looking forward to working with you again. good bye


Information Security Program




The recommendation for an information security program
Building a Secure Organization: IT Governance
A secure organization is with no doubt, able to operate effectively and efficiently. IT
governance can be defined as a set of approaches and the processes that promotes effectiveness
and efficiency in the use of Information system, they are thus important for an organization to
achieve its goals.
It is therefore, able to perform it functions free from threats and any other risks. In
building a secure organization; it is of high significance to ensure and consider the governance of
an information security program. Hawaii Medical System’s new information security program
thus needs governance measures too. Information technology has a key threat that is hacking of
the system.
Attacker methodology
The governance model would require Hawaii Medical System’s new information security
program to put in consideration the methods used by attackers. The system would need the
restriction of access. This would involve having passwords as requirements in order to gain
access to the system.
The organization information program would also consider having a firewall that would
keep away the attackers including hackers. It would also be of relevance to install software that
would prevent and protect the system from viruses, spywares and malwares.
The attackers of a system would always focus on the weakness of an organization’s
system. It is therefore recommended that the system is always protected and instances of failure
and breakdowns; should always be attended with an immediate effect.
Therefore, there would be the need for regular maintenance of the system. This would aid
in the discovery of any possible breakdowns and parts of the system which have weaknesses.
This would be of benefits to the organization as it would enhance the confidentiality of data; it is
also associated with cost effectiveness. This is because it would aid in the discovery of serious
damages and breakdowns before they happen.


Studypool has helped 1,244,100 students

Review from student
" Thanks, good work "
Ask your homework questions. Receive quality answers!

Type your question here (or upload an image)

1822 tutors are online

Brown University

1271 Tutors

California Institute of Technology

2131 Tutors

Carnegie Mellon University

982 Tutors

Columbia University

1256 Tutors

Dartmouth University

2113 Tutors

Emory University

2279 Tutors

Harvard University

599 Tutors

Massachusetts Institute of Technology

2319 Tutors

New York University

1645 Tutors

Notre Dam University

1911 Tutors

Oklahoma University

2122 Tutors

Pennsylvania State University

932 Tutors

Princeton University

1211 Tutors

Stanford University

983 Tutors

University of California

1282 Tutors

Oxford University

123 Tutors

Yale University

2325 Tutors