Security Policies with Protection Controls
Part A Your written assignment is to explore compliance considerations for your scenario organization. You will state at least three laws or standards that relate to the organization and explain why this are vital to the operations. Part B Security policies are one method to inform the stakeholders of the organization the necessary requirements to achieve compliance. An example would be the Equifax security breach where hackers exploited a weak point in website software to gain access to sensitive information like Social Security numbers and drivers license numbers for as many as 145 million Americans. Strong security policies could have outline the requirements to help prevent security issues. Some examples would be a web server application security policy and a server security policy. A variety of security policy templates are available from SANS the security policy project at https://www.sans.org/security-resources/policies/. You will develop at least security policies that would address the compliance considerations you have outline. Submission Requirements: For this assignment you will submit your analysis of the laws and standards related to your organization. In addition, you will submit at least security policies you have developed to addresses the issues. Below you will find the scenario I chose to go with. Please base the assignment details on this scenario. Scenario Two: ABC Electronics Device and Repair ABC Electronics sells and repairs electronic devices. The corporate office is in Kansas City, Missouri with branch stores in Los Angeles, California and New York, New York. The website includes a catalog of products with a shopping cart, service manuals and contact information. ABC specializes in IoT devices along with other digital devices.