Organizational Security Plan
38 Pages6571 Words308 Views
Added on 2022-11-27
About This Document
This report discusses the security plan of the National Bank of Texas, including risk assessment, security policies, network security, and disaster recovery. It provides recommendations for mitigating risks and ensuring system and application security. The report also discusses the organization's description and the challenges it faces in the banking industry.
Organizational Security Plan
Added on 2022-11-27
ShareRelated Documents
Running head: ORGANIZATIONAL SECURITY PLAN
ORGANIZATIONAL SECURITY PLAN: A Case Study of National Bank of Texas
Name of the Student:
Name of the University:
Author Note:
ORGANIZATIONAL SECURITY PLAN: A Case Study of National Bank of Texas
Name of the Student:
Name of the University:
Author Note:
ORGANIZATIONAL SECURITY PLAN1
Table of Contents
1. Organization Description.........................................................................................................4
1. Risk Assessment.......................................................................................................................6
Assets...........................................................................................................................................6
Risk in the working environment of the company.......................................................................7
Tools used to conduct the risk assessment..................................................................................9
Technologies used to mitigate the risks.....................................................................................10
2. Security policies.....................................................................................................................11
Monitoring the policies..............................................................................................................13
Appropriate punishment for the violators..................................................................................13
Timetable for reviewing or updating the policies......................................................................15
3. Network Security....................................................................................................................16
Network Description..................................................................................................................16
Network Topology.....................................................................................................................17
Protocols allowed.......................................................................................................................21
Network equipment and connectivity procedures.....................................................................23
Implementation of new management software to manage the network equipments.................23
Network diagram.......................................................................................................................24
4. Incident Response, Business Continuity and Disaster Recovery...........................................26
Identification of key resources that are to be implemented immediately after tragedy.............27
Table of Contents
1. Organization Description.........................................................................................................4
1. Risk Assessment.......................................................................................................................6
Assets...........................................................................................................................................6
Risk in the working environment of the company.......................................................................7
Tools used to conduct the risk assessment..................................................................................9
Technologies used to mitigate the risks.....................................................................................10
2. Security policies.....................................................................................................................11
Monitoring the policies..............................................................................................................13
Appropriate punishment for the violators..................................................................................13
Timetable for reviewing or updating the policies......................................................................15
3. Network Security....................................................................................................................16
Network Description..................................................................................................................16
Network Topology.....................................................................................................................17
Protocols allowed.......................................................................................................................21
Network equipment and connectivity procedures.....................................................................23
Implementation of new management software to manage the network equipments.................23
Network diagram.......................................................................................................................24
4. Incident Response, Business Continuity and Disaster Recovery...........................................26
Identification of key resources that are to be implemented immediately after tragedy.............27
ORGANIZATIONAL SECURITY PLAN2
5. System and Application Security Business Continuity and Disaster Recovery.....................28
6. Business Continuity and Disaster Recovery..........................................................................30
References......................................................................................................................................32
5. System and Application Security Business Continuity and Disaster Recovery.....................28
6. Business Continuity and Disaster Recovery..........................................................................30
References......................................................................................................................................32
ORGANIZATIONAL SECURITY PLAN3
Introduction
Distributed environments security is one of the important concerns for every organization
in the world. The security exposure of an organization is raised by increasing use of internets,
electronic mail, extranets, and micro-computer based networks and WAN. In such environment,
the IS administrators or the executives depend mainly on security and audit personnel to
introduce a security plan which analyze such complex network environment of any organization.
Security plan handles risk of the company by identifying, evaluating as well as mitigating risk of
the organization. The report mainly focuses on the security of network of the selected
organization. The chosen company for this report is the National Bank of Texas. The report
describes the risk assessment of the organization, the security policies of the company, network
security, recommendations regarding mitigating the risk and disaster recovery and System and
application security.
Introduction
Distributed environments security is one of the important concerns for every organization
in the world. The security exposure of an organization is raised by increasing use of internets,
electronic mail, extranets, and micro-computer based networks and WAN. In such environment,
the IS administrators or the executives depend mainly on security and audit personnel to
introduce a security plan which analyze such complex network environment of any organization.
Security plan handles risk of the company by identifying, evaluating as well as mitigating risk of
the organization. The report mainly focuses on the security of network of the selected
organization. The chosen company for this report is the National Bank of Texas. The report
describes the risk assessment of the organization, the security policies of the company, network
security, recommendations regarding mitigating the risk and disaster recovery and System and
application security.
ORGANIZATIONAL SECURITY PLAN4
1. Organization Description
The National Bank of Texas is the locally preserved and functioned commercial trading
bank. It provides wide range of services for their customers which includes both personal and
business. The services that are provided by the company comprises of cheque accounts, saving
accounts, loans, financial services and so on (Sialaoa, 2019). The functionalities of the bank is
mainly operated by information systems which stores many sensitive information regarding their
customers. It also provides huge access to their customers like internet, mobile banking, and
smart ATM. The vision of the organization is to become the first choice in the whole South
Pacific. The banking operations of the organization looks to provide a quality services to their
customers which will enhance the welfare of the country. The thrift and banking industries face
many technological metamorphosis. Various innovative technologies such as local, wide area
network (LAN and WAN), developed computer operating system and internet are charming
strategic areas of the financial organizations (Molz, 2013). The National Bank of Texas relies
mainly on the Information system and the Artificial Intelligence devices. The operation and
composition variables of National Bank of Texas act statistically independent among the size
variables (number of employees, assets like laptops, desktops) and lastly the WAN. The main
goal of the selected organization is provide quality services to their customers. The organization
desire to achieve a stable, high performance and secure network with perfect time and provides
seamless access to their customer transactions and services. Internet become one of the important
factor in the financial industry but it has too some security threats which are to be focused by the
organization and prepare some mitigating measures to reduce the threats of the organization so
that they can provide quality services to their customers. The technological development like
electronic or smart finance enhance the impacts of networks in such type of finance institutions.
1. Organization Description
The National Bank of Texas is the locally preserved and functioned commercial trading
bank. It provides wide range of services for their customers which includes both personal and
business. The services that are provided by the company comprises of cheque accounts, saving
accounts, loans, financial services and so on (Sialaoa, 2019). The functionalities of the bank is
mainly operated by information systems which stores many sensitive information regarding their
customers. It also provides huge access to their customers like internet, mobile banking, and
smart ATM. The vision of the organization is to become the first choice in the whole South
Pacific. The banking operations of the organization looks to provide a quality services to their
customers which will enhance the welfare of the country. The thrift and banking industries face
many technological metamorphosis. Various innovative technologies such as local, wide area
network (LAN and WAN), developed computer operating system and internet are charming
strategic areas of the financial organizations (Molz, 2013). The National Bank of Texas relies
mainly on the Information system and the Artificial Intelligence devices. The operation and
composition variables of National Bank of Texas act statistically independent among the size
variables (number of employees, assets like laptops, desktops) and lastly the WAN. The main
goal of the selected organization is provide quality services to their customers. The organization
desire to achieve a stable, high performance and secure network with perfect time and provides
seamless access to their customer transactions and services. Internet become one of the important
factor in the financial industry but it has too some security threats which are to be focused by the
organization and prepare some mitigating measures to reduce the threats of the organization so
that they can provide quality services to their customers. The technological development like
electronic or smart finance enhance the impacts of networks in such type of finance institutions.
ORGANIZATIONAL SECURITY PLAN5
Declining the economies of scale, increasing commoditization as well as standardization and
rising the front cost will help the National Bank of Texas to lead in this competitive market,
provide better services and also will allow to lower the cost for their customers (Dowd, 2013).
Declining the economies of scale, increasing commoditization as well as standardization and
rising the front cost will help the National Bank of Texas to lead in this competitive market,
provide better services and also will allow to lower the cost for their customers (Dowd, 2013).
ORGANIZATIONAL SECURITY PLAN6
1. Risk Assessment
Risk assessment in banking sector mainly deals with the logical execution and
development of the plan to treat with the respective potential losses. It focuses on managing the
bank’s exposure to the losses or the risks and to prevent the value of the assets. The National
Bank of Texas is surrounded by many types of risks as the attacker always try to steal or achieve
the sensitive in formation of the bank’s customer, information includes name, passwords, age,
transaction, bank details like passbook number, cheque clearing and so on. The process of the
risk assessment begins by identifying the potential risk of the bank. After the identification of the
risk the officials of the National Bank of Texas identifies the potential steps that should be
implemented to mitigate the risk or the method to handle the risk. The National Bank of Texas
deals with many transaction everyday so they should be aware of the risk and should also find
some measures to analyze the method of handling such potential risks. The sensitive information
or the data of the organization are the primary driver of their daily operations thus, this should be
their highest priority and should be immediately secured with some securing tools.
Assets
The daily operations of the bank are carried out by the computer systems which have
developed operating systems and are connected by switches and routers in the LAN, WAN or
VPN, databases and so on (Nugroho et al., 2017). The assets of such type of institutions are like
the customer loans. Various smart devices are also used to complete the operations of the
organization like printers. They should be secured immediately to avoid different attacks in the
organization. They contain many sensitive information of their customers. Banking industry
contains huge collection of the sensitive data of the citizens and thus they should be kept
protected from the attackers. The banking organization becomes the first target of the attacker to
1. Risk Assessment
Risk assessment in banking sector mainly deals with the logical execution and
development of the plan to treat with the respective potential losses. It focuses on managing the
bank’s exposure to the losses or the risks and to prevent the value of the assets. The National
Bank of Texas is surrounded by many types of risks as the attacker always try to steal or achieve
the sensitive in formation of the bank’s customer, information includes name, passwords, age,
transaction, bank details like passbook number, cheque clearing and so on. The process of the
risk assessment begins by identifying the potential risk of the bank. After the identification of the
risk the officials of the National Bank of Texas identifies the potential steps that should be
implemented to mitigate the risk or the method to handle the risk. The National Bank of Texas
deals with many transaction everyday so they should be aware of the risk and should also find
some measures to analyze the method of handling such potential risks. The sensitive information
or the data of the organization are the primary driver of their daily operations thus, this should be
their highest priority and should be immediately secured with some securing tools.
Assets
The daily operations of the bank are carried out by the computer systems which have
developed operating systems and are connected by switches and routers in the LAN, WAN or
VPN, databases and so on (Nugroho et al., 2017). The assets of such type of institutions are like
the customer loans. Various smart devices are also used to complete the operations of the
organization like printers. They should be secured immediately to avoid different attacks in the
organization. They contain many sensitive information of their customers. Banking industry
contains huge collection of the sensitive data of the citizens and thus they should be kept
protected from the attackers. The banking organization becomes the first target of the attacker to
ORGANIZATIONAL SECURITY PLAN7
pursue their attack. The assets and the networking layer or the structure should be kept secure
such that it become complex for the attacker to attack the organization (Jamaluddin et al., 2017).
Thus, the assets of the organization are the information, physical devices, software, services and
Risk in the working environment of the company
The National Bank of Texas mainly contains the following risks (Cohn, Fehr &
Maréchal, 2017):
Liquidity Risk: Such type of risk is observed from the funding of the long term assets by
the short term liabilities which makes the liabilities to refinance or to rollover. Generally,
it is observed when the organization fails to meet the maturing commitment or by
burrowing the funds at the prohibitive prices or by disposing the assets at low price. The
can have the following form of liquidity risk (Guo & Liang, 2016):
o Funding Risk: This type of risk is observed when the bank is unable to achieve
funds to meet the cash flow obligations.
o Time Risk: It arises when the bank needs to compensate for the non-receipt of the
expected inflows of the funds.
o Call Risk: Such type of risk arises because of the crystallization of the contingent
liabilities. It can also happen when the National Bank of Texas is not able to
undertake the profitable business chances.
Interest Rate Risk: It arises due the abnormal impact on the Net Interest Margin or
Market Value of Equity of the bank. It is of five forms: mismatch risk, Yield Curve Risk,
Reinvested Risk, Basis Risk and Embedded Option Risk (Dal Maso et al., 2018).
Market Risk: It is the kind of adversarial risk of market value due to the trending market
movements in period of liquidating the banking transactions. It is applied to part of the
pursue their attack. The assets and the networking layer or the structure should be kept secure
such that it become complex for the attacker to attack the organization (Jamaluddin et al., 2017).
Thus, the assets of the organization are the information, physical devices, software, services and
Risk in the working environment of the company
The National Bank of Texas mainly contains the following risks (Cohn, Fehr &
Maréchal, 2017):
Liquidity Risk: Such type of risk is observed from the funding of the long term assets by
the short term liabilities which makes the liabilities to refinance or to rollover. Generally,
it is observed when the organization fails to meet the maturing commitment or by
burrowing the funds at the prohibitive prices or by disposing the assets at low price. The
can have the following form of liquidity risk (Guo & Liang, 2016):
o Funding Risk: This type of risk is observed when the bank is unable to achieve
funds to meet the cash flow obligations.
o Time Risk: It arises when the bank needs to compensate for the non-receipt of the
expected inflows of the funds.
o Call Risk: Such type of risk arises because of the crystallization of the contingent
liabilities. It can also happen when the National Bank of Texas is not able to
undertake the profitable business chances.
Interest Rate Risk: It arises due the abnormal impact on the Net Interest Margin or
Market Value of Equity of the bank. It is of five forms: mismatch risk, Yield Curve Risk,
Reinvested Risk, Basis Risk and Embedded Option Risk (Dal Maso et al., 2018).
Market Risk: It is the kind of adversarial risk of market value due to the trending market
movements in period of liquidating the banking transactions. It is applied to part of the
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
Application of Risk Mitigation and Planning Toolslg...
|3
|830
|42
Network Security Assignment - STP Limitedlg...
|20
|5002
|54
Network Disaster Recovery Planlg...
|8
|1495
|47
Information Governance: Risk Assessment, Business Continuity, and Security Enhancementlg...
|26
|5829
|25
Disaster Recovery Plan Analysislg...
|5
|1057
|13
Network Security Plan for Mitigating Identified Issues in a Universitylg...
|15
|679
|496