Develop a plan to deploy public key infrastructure (PKI) and encryption solutions to protect data and information?

User Generated

fghqrag017

Computer Science

ISOL 531 access control

school of computer and science

Description

you play the role of chief information technology (IT) security officer for the Quality Medical Company (QMC). QMC is a publicly traded company operating in the pharmaceutical industry.

Unformatted Attachment Preview

PKI and Encryption at Work ▪ Learning Objectives and Outcomes Develop a plan to deploy public key infrastructure (PKI) and encryption solutions to protect data and information. Assignment Requirements In this assignment, you play the role of chief information technology (IT) security officer for the Quality Medical Company (QMC). QMC is a publicly traded company operating in the pharmaceutical industry. QMC is expanding its arena of work through an increase in the number of clients and products. The senior management of the company is highly concerned about complying with the multitude of legislative and regulatory laws and issues in place. The company has an internal compliance and risk management team to take care of all the compliance-related issues. The company needs to make important decisions about the bulk of resources they will need to meet the voluminous compliance requirements arising from the multidimensional challenge of expansion. ▪ ▪ ▪ ▪ ▪ ▪ QMC will be required to conform to the following compliance issues: Public-company regulations, such as the Sarbanes-Oxley (SOX) Act Regulations affecting financial companies, companies that make loans and charge interest, such as the U.S. Securities and Exchange Commission (SEC) rules and Gramm-Leach-Bliley Act (GLBA) Regulations affecting healthcare privacy information, such as Health Insurance Portability and Accountability Act (HIPAA) Intellectual Property Law that is important for information asset protection particularly for organizations in the pharmaceutical and technology industry Regulations affecting the privacy of information, including personal identification information, such as personally identifiable information (PII) regularly collected from employees, customers, and end users Corporate governance policies including disclosures to the board of directors and the auditors and the policies related to human resources, governance, harassment, code of conduct, and ethics Compliance with regulatory requirements implies encrypting sensitive data at rest (DAR) and allowing access to role-holders in the enterprise who require the access. It also implies that sensitive data in motion (DIM) or data that is being communicated via e-mail, instant message (IM), or even Web e-mail must be suitably protected and sent only to the individuals who have a right to view it. The company is conscious about the loss they may face in terms of penalty and brand damage if they fail to abide by the compliance laws, especially in the online information transfer phase. Therefore, as a dedicated employee, your task is to develop a content monitoring strategy using PKI as a potential solution. You will need to determine a process or method to identify multiple data types, processes, and organizational policies. Incorporate them into a plan, and select a PKI solution that will effectively address the content management needs of your company. You need to present your PKI solution in the form of a professional report to the senior management. Required Resources None ▪ ▪ ▪ ▪ ▪ ▪ ▪ Submission Requirements Format: Microsoft Word Font: Arial, 12-Point, Double-Space Citation Style: APA Length: 1–2 pages Self-Assessment Checklist Use the following checklist to support your work on the assignment: I have identified specific data types related to the specific compliance regulatory requirements. I have indicated a solution for sharing data beyond the borders of the organization. I have appropriately selected and developed a PKI solution for content control. PKI and Encryption at Work  Learning Objectives and Outcomes Develop a plan to deploy public key infrastructure (PKI) and encryption solutions to protect data and information. Assignment Requirements In this assignment, you play the role of chief information technology (IT) security officer for the Quality Medical Company (QMC). QMC is a publicly traded company operating in the pharmaceutical industry. QMC is expanding its arena of work through an increase in the number of clients and products. The senior management of the company is highly concerned about complying with the multitude of legislative and regulatory laws and issues in place. The company has an internal compliance and risk management team to take care of all the compliance-related issues. The company needs to make important decisions about the bulk of resources they will need to meet the voluminous compliance requirements arising from the multidimensional challenge of expansion.       QMC will be required to conform to the following compliance issues: Public-company regulations, such as the Sarbanes-Oxley (SOX) Act Regulations affecting financial companies, companies that make loans and charge interest, such as the U.S. Securities and Exchange Commission (SEC) rules and Gramm-Leach-Bliley Act (GLBA) Regulations affecting healthcare privacy information, such as Health Insurance Portability and Accountability Act (HIPAA) Intellectual Property Law that is important for information asset protection particularly for organizations in the pharmaceutical and technology industry Regulations affecting the privacy of information, including personal identification information, such as personally identifiable information (PII) regularly collected from employees, customers, and end users Corporate governance policies including disclosures to the board of directors and the auditors and the policies related to human resources, governance, harassment, code of conduct, and ethics Compliance with regulatory requirements implies encrypting sensitive data at rest (DAR) and allowing access to role-holders in the enterprise who require the access. It also implies that sensitive data in motion (DIM) or data that is being communicated via e-mail, instant message (IM), or even Web e-mail must be suitably protected and sent only to the individuals who have a right to view it. The company is conscious about the loss they may face in terms of penalty and brand damage if they fail to abide by the compliance laws, especially in the online information transfer phase. Therefore, as a dedicated employee, your task is to develop a content monitoring strategy using PKI as a potential solution. You will need to determine a process or method to identify multiple data types, processes, and organizational policies. Incorporate them into a plan, and select a PKI solution that will effectively address the content management needs of your company. You need to present your PKI solution in the form of a professional report to the senior management. Required Resources None        Submission Requirements Format: Microsoft Word Font: Arial, 12-Point, Double-Space Citation Style: APA Length: 1–2 pages Self-Assessment Checklist Use the following checklist to support your work on the assignment: I have identified specific data types related to the specific compliance regulatory requirements. I have indicated a solution for sharing data beyond the borders of the organization. I have appropriately selected and developed a PKI solution for content control.
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

Attached.

Running Head: PKI AND ENCRYPTION AT WORK

PKI and Encryption at Work
Institution Affiliation
Date:

1

PKI AND ENCRYPTION AT WORK

2

TO: QMC Management
FROM: Chief Information Technology Security Officer
DATE: October 13, 2018
RE: PKI and Encryption at Work
Quality Medical Company (QMC)

requires a plan for deploying public key

infrastructure (PKI) and encryption solutions. The PKI and encryption solutions will
assist the company in protecting data and information. PKI is significant for QMC
because it...


Anonymous
Goes above and beyond expectations!

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags