Hawaii Medical Systems, health and medicine homework help

User Generated

lnobv01

Other

Description

You are an information security consultant and have recently been hired by a new client to update their information security program. Submit your final report as a .doc or .docx attachment 


Hawaii Medical Systems has grown by acquisition over the last five years. They operate two hospitals and four doctor’s offices in the island of Hawaii  area. They have managed information technology in an ad-hoc manner for years and have recently hired a Chief Information Officer who is pushing for a centralized data center to support the IT needs of organization; he has limited experience in information security, so Hawaii Medical System has hired you to fill in the gap. There is no one dedicated to security, no security awareness program, no dedicated security hardware or software (other than client managed anti-virus), and no one has examined potential regulatory issues that may impact Hoosier Medical Systems.


The doctor’s offices are running a mix of Windows XP, ME, Vista, and 7. There is no standard build, one of the two part-time IT staff members usually buy new workstations as needed from alibaba.com. They also have wireless at most offices for the doctor’s to use their personal laptops in patient rooms without the need to plug into the live network jack in every room, they often bring their laptops home to review patient records and for general personal use. Each office handles their own billing and accept credit cards via a single Hawaii  Medical System website or over their VoIP phone system. Each office has a file server, domain controller, network switch, and router directly connected to the Internet. The router has an ACL limited some network protocols. They send and receive some information between the two hospitals, including patient records, payroll, billing information, and other administrative data.


The hospitals have a larger and slightly better managed technology infrastructure. They have a small network room which was a janitor closet. Each floor has its own network hub which connects all workstations together. All departments use the same file server, but the finance department has created a shared folder limited to just their department.


The new CIO plans to completely rebuild the infrastructure, starting with a new high availability data center. He wants to re-architect and centralize data storage, applications, device management, etc. He’s not convinced that he needs to do much with the workstations at each site, but employees complain about lack of technical support and sporadic malware infections – they all have administrative rights.  He would like your perspective on the workstation issue, architecture suggestions, and anything else that they should consider when redesigning their IT infrastructure.


Your assignment is to document recommendations based on the scenario provided. Begin with the first section we covered Building a secure organization   and suggest a governance model for the Hawaii  Medical System’s new information security program. . Think about the attacker methodology, but this is not an incident response scenario. You may suggest an annual penetration test, but there’s no need to go into specific detail. Your final report should be 4 pages, single spaced (excluding diagrams if you choose to include them). 


User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

please find the attached file. looking forward to working with you again. good bye

Running head: INFORMATION SECURITY PROGRAM

Information Security Program
Name
Tutor
Institution
Course
Date

1

INFORMATION SECURITY PROGRAM

2

The recommendation for an information security program
Building a Secure Organization: IT Governance
A secure organization is with no doubt, able to operate effectively and efficiently. IT
governance can be defined as a set of approaches and the processes that promotes effectiveness
and efficiency in the use of Information system, they are thus important for an organization to
achieve its goals.
It is therefore, able to perform it functions free from threats and any other risks. In
building a secure organization; it is of high significance to ensure and consider the governance of
an information security program. Hawaii Medical System’s new information security program
thus needs governance measures too. Information technology has a key threat that is hacking of
the system.
Attacker methodology
The governance model would require Hawaii Medical System’s new information security
program to put in consideration the methods used by attackers. The system would need the
restriction of access. This would involve having passwords as requirements in order to gain
access to the system.
The organization information program would also consider having a firewall that would
keep away the attackers including hackers. It would also be of relevance to install software that
would prevent and protect the system from viruses, spywares and malwares.
The attackers of a system would always focus on the weakness of an organization’s
system. It is therefore recommended that the system is always protected and instances of failure
and breakdowns; should always be attended with an immediate effect.
Therefore, there would be the need for regular maintenance of the system. This would aid
in the discovery of any possible breakdowns and parts of the system which have weaknesses.
This would be of benefits to the organization as it would enhance the confidentiality of data; it is
also associated with cost effectiveness. This is because it would aid in the discovery of serious
damages and breakdowns before they happen.

...


Anonymous
Really helped me to better understand my coursework. Super recommended.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Similar Content

Related Tags