I have Homework

User Generated

snunq_99

Computer Science

Description

Prepare a five minute presentation for a security awareness briefing for new employees to make them aware of the policy and expectations for compliance. This presentation is based on the policy that you developed in assignment 2.

I put the assignment 2 in word document

and I need 6 Slides in powerpoint

Unformatted Attachment Preview

Laptop Security Policy Central Intelligence Agency (CIA) Feb 27, 2018 Policy Synopsis This policy describes the controls necessary to minimize information security risks affecting the CIA’s company issued laptops. CENTRAL INTELLIGENCE AGENCY POLICY MANUAL Subject: LAPTOP SECURITY POLICY Approved: (Signature Line) 1 Effective Date: (Insert Date) DEFINITION Laptop computers are an essential business tool but their very portability makes them particularly vulnerable to physical damage or theft. Furthermore, the fact that they are often used outside of the CIA’s premises increases the threats from people who do not work for the CIA and may not have its interests at heart. Since Each employee provided with a laptop by the CIA, they are responsible for the physical security of the laptop. All laptops acquired for or on behalf of the CIA are deemed to be company property. 2 INTRODUCTION Appropriate measures must be taken when using laptops to ensure the confidentiality, integrity and availability of sensitive information, including top secret information and that access to sensitive information is restricted to authorized users in order to protect the CIA’s reputation and intellectual assets. Appropriate measures must also be taken to reduce the likelihood of physical loss or damage to laptops in order to protect the CIA’s capital assets. 3 PURPOSE The purpose of this policy is to provide guidance for laptop security for CIA company issued laptops in order to ensure the security of information on the laptop and information the laptop may have access to. The policy is equally applicable to CIA contractors, services providers and other organizations or agencies that use laptop computers to process CIA information in the performance of their duties. 4 WHAT EXACTLY ARE WE PROTECTING The purpose of this policy is protect information saved and accessed on CIA company based laptops. Unauthorized access and tampering to a laptop, particularly if there are repeated opportunities for access, may: • Lead to continuing (and undetected) compromise of information on the laptop itself; Version Date Page 1 5 6 • Undermine security measures (including the encryption); intended to protect information on the laptop in the event of loss or theft; • Lead to compromise systems to which the laptop is connected, for example, CIA networked systems that are accessed from the laptop under an approved remote access arrangement • The impact of a breach of laptop security may therefore extend far more widely than the laptop itself. KEY POINTS • Traditional password protection on a laptop offers limited defense against a determined attacker because the attacker has free access to the device. Thus why we promote complex passwords. • The physical security controls that are possible within an CIA buildings environment are not available outside of that environment; therefore, if procedural and personal controls of the laptop are breached the only effective technical measure that can be applied is cryptography. • Encryption products are not difficult but must be used correctly in accordance with defined procedures, in particular the password and any token must be kept separate from the laptop; these are effectively the encryption key. Data is therefore only protected by encryption when the laptop is powered off and not in normal use. USER RESPONSIBILITIES • • • • • The physical security of the laptop is your personal responsibility so please take all reasonable precautions. Be sensible and stay alert to the risks. Keep your laptop in your possession and within sight whenever possible, just as if it were your wallet, handbag or cell phone. Be extra careful in public places such as airports, railway stations or restaurants. It takes thieves just a fraction of a second to steal an unattended laptop. If you have to leave the laptop temporarily unattended in the office, meeting room or hotel room, even for a short while, use a laptop security cable or similar device to attach it firmly to a desk or similar heavy furniture. These locks are not very secure but deter casual thieves. Lock the laptop away out of sight when you are not using it, preferably in a strong cupboard, filing cabinet or safe. This applies at home, in the office or in a hotel. Never leave a laptop visibly unattended in a vehicle. If absolutely necessary to leave a laptop in a vehicle, lock it out of sight in the trunk or glove box. Carry and store the laptop in a padded laptop computer bag or strong briefcase to reduce the chance of accidental damage. Version Date Page 2 7 LAWS, REGULATIONS, & POLICIES You must comply with relevant laws, regulations and policies applying to the use of computers and information. 8 INAPPROPRIATE MATERIALS The CIA will not tolerate inappropriate materials such as pornographic, racist, defamatory or harassing files, pictures, videos or email messages that might cause offense or embarrassment. Never store, use, copy or circulate such material on the laptop and steer clear of suspicious websites. IT staff routinely monitor the network and systems for such materials and track use of the Internet: they will report serious/repeated offenders and any illegal materials directly to management, and disciplinary processes will be initiated. 9 PROTOCOLS AGAINST UNAUTHORIZED ACCSESS • • • • You must use approved encryption software on all company issued laptops and choose a long, strong encryption password/phrase and keep it secure. Contact the IT Help/Service Desk for further information on laptop encryption. If your laptop is lost or stolen, encryption provides extremely strong protection against unauthorized access to the data. You are personally accountable for all network and systems access under your user ID, so keep your password absolutely secret. Never share it with anyone, not even members of your family or friends. Corporate laptops are provided for official use by authorized employees. Do not loan your laptop or allow it to be used by others such as family and friends. Avoid leaving your laptop unattended and logged-on. Always shut down, log off or activate a password-protected screensaver before walking away from the machine. 10 ENFORCEMENT Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment. 11 DEFINITIONS Laptops include: laptops, Smartphones, PDAs, computer based medical equipment containing or accessing patient information and authorized home laptops accessing the CIA network. Workforce members include: faculty, employees, volunteers, trainees, and other persons under the direct control of the CIA. Version Date Page 3 12 REVISION TABLE Date of Change Responsible Summary of Change June 2014 CIA Policy Team Updated and converted to new format. Version Date Page 4
Purchase answer to see full attachment
User generated content is uploaded by users for the purposes of learning and should be used following Studypool's honor code & terms of service.

Explanation & Answer

attached is the completed assignment

CIA’S LAPTOP SECURITY POLICY
(An Orientation presentation)
Presenter:
Date:

Introduction
 We use laptops in our day to day life to do various

business.
 Because of their portable nature, they are prone to
damage and theft.
 At the CIA, laptops are integral to our operations
and can at times be used outside the CIA premises
making them vulnerable to theft and damage.
 Therefore laptop security policies are implemented
to avoid these adversities and should be adhered to
by each and every employee is responsible to
his/her laptop

...


Anonymous
Awesome! Made my life easier.

Studypool
4.7
Trustpilot
4.5
Sitejabber
4.4

Related Tags