Pm3110 Unit 6 Assignment 2


Destiny Knott Feb 07, 2014 IS3230 Unit 6 Unit 6 Assignment 2 Managing Microsoft Account and File Systems Access Controls

In order to truly protect a company’s’

 data, a multi-layered security approach using access controls must be developed and utilized keeping in mind that data has two states that has to be protected equally; data at rest (DAR) and data in motion (DIM). When securing DAR on a file system whole disk encryption is an essential first step followed by physical security (backups included) and the necessary access controls such as mandatory access controls (MAC), discretionary access controls (DAC), and/or role-based access controls (RBAC). For securing data that travels through the network or through the internet (in transit) known as DIM, standard network security such as intrusion detection systems (IDS), intrusion prevention systems (IPS), and firewalls should definitely be implemented. To further layer the security in DIM, encrypting data including emails using the proper keys or creating a relational database with access controls would be efficient. To go even further a company could add the method of securing the communications channels using protocols such as Secure Sockets Layer (SSL), Hypertext Transfer Protocol Secure (HTTPS), and could also potentially secure the path with a virtual  private network (VPN). Protecting file systems are critical to securing data, the first step is to apply an access control policy by creating an access control list (ACL) to help control and manage rights of the data and audits to data access. Using Active Directory in the MS server environment is ideal  because a company could easily manage these ACLs that define access for a particular user, group, or system. Within the ACL there are a collection of access control entities (ACE), the

1. Who are Rolls’ principal project management stakeholders? a. Roll-Royce’s (RR) biggest stakeholders are Boeing and Airbus, as well as those supplying aircraft for military uses. RR also must work closely with national governments who subsidize their airlines by resorting to creative financing, long-term contracts, or asset-based trading deals. Another stakeholder of RR is the labor force, which means intensive training, their competitors, and suppliers of parts and equipment. 2. How would you design stakeholder management strategies to address their concerns? a. For the RR organization, I would identify five key strategies for effective stakeholder management: a.i. Develop a comprehensive list that included the organizations that have the ability to impact RR, both positively and negatively. In this case, the organizations would be Boeing, Airbus, national governments and the labor force. a.ii.


Leave a Reply

Your email address will not be published. Required fields are marked *