MIS-THREATS-ASSETS-AND-POLICIES

Document Sample
MIS-THREATS-ASSETS-AND-POLICIES Powered By Docstoc
					Categorizing the Assests, and threats to Temple University

System Components                          Assets                       Threats



People                                     Trusted Staff                Unethical Students/Malicious Non

                                           Students                     Login Access Control Security Clea

                                                                        Human Error



Software/Hardware                          University Software          Software Attacks

                                           IP Adress, Manufacturer      Outside Hackers

                                           Serial Numbers               Malware & Viruses

                                           Controlling Entity           Technological Difficulties

                                           Windows 7/Vista              Controlling Access

                                           Educational Software         Out Dated Software

                                           Servers/Routers              Forces of Nature




Policy & Procedures                        Intended Purpose             Knowledgable people with Malici
                                           University Procedures        Failure to Adhere
                                           Data Storage                 Human Mistake/Error
                                           File Transfers
                                           Communication with Vendors
                                           Data /Network Control        Unauthorized users gaining acces


Data                                       Structure                    Non-chalont Users
                                           Classfication                Unauthorized users gaining acces
                                           Stored data                  Human Error
                                           offline/online
                                           Backup procedures
                                           Personal Data                Piracy
MOBILE EQUIPMENT    Latops                         Transfer of Personal Information
                    Smartphones & PDA'S            Theft of device
                    IPADS                          Misuse of Mobile Device


Physical Building   Temple University Facilities   Terrorists
                                                   Act of Human Error
                                                   Act of Violence
                                                                Risk Rating   Frequency   HMS Policies



Unethical Students/Malicious Non-Students                       High          Medium      Reuirments to protect all c

Login Access Control Security Clearance                         High          High        Only Authorized Users will

Human Error                                                     High          Medium



Software Attacks                                                High          Medium      Keep up to date virus prot

Outside Hackers                                                 High          Medium

Malware & Viruses                                               High          Medium      Serial numbers must be co

Technological Difficulties                                      High          Medium

Controlling Access                                              High          High        Limit Access to only autho

Out Dated Software                                              Medium        Medium      Update software on a peri

Forces of Nature                                                Medium        Low




Knowledgable people with Malicious Intent                       High          Low         Enforce all punishement fo
Failure to Adhere                                               Medium        Medium
Human Mistake/Error                                             High          Low         Train all users on thorough



Unauthorized users gaining access                               High          High        Only authoried personel ca


Non-chalont Users                                               High          High
Unauthorized users gaining access to confidential information   High          Medium      Follow
Human Error                                                     high          Medium
                                                                Medium        Low
                                                                Medium        Low         Retain imperatie back ups/
                                                                high          Medium      Follow procedure for infor
Transfer of Personal Information   High   Medium   All students/employees m
Theft of device                    High   Medium   Follow investigation proce
Misuse of Mobile Device            High   Medium


                                   High   Low      Follow University safety/d
Act of Human Error                 High   High
Act of Violence                    High   Medium
HMS Policies



Reuirments to protect all confiential information

Only Authorized Users will gain Access




Keep up to date virus protection



Serial numbers must be concealed



Limit Access to only authoried Users

Update software on a periodic time-table




Enforce all punishement for uncessary entroachment on privacy/ Keep confidential information concealed


Train all users on thoroughly to avoid mistakes



Only authoried personel can use netork/data control




Retain imperatie back ups/release unimportant
Follow procedure for information protection
All students/employees must protect personal items at all times
Follow investigation procedures only for university property



Follow University safety/disaster policies

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:2
posted:12/12/2011
language:
pages:8