Mr. James Hollis
ITT Technological Institute – Miami
IDI cannot continue operating with a neglected IT infrastructure. A plan needs to be prepared to identify every issue with the IT infrastructure. Such plan should describe actions to eliminate or mitigate the risks, and provide a framework within which the improvement, development and delivery of information technology could be increasingly responsive, stable, and secure in the coming years.
Some of the upgrades included on that plan are the following:
•Network infrastructure should be upgraded to Gigabit Ethernet, considerably increasing network speed
•Port speed needs to be increased from 10 Mbps …show more content…
Information and software classification is necessary to better manage information. If implemented correctly, classification can reduce the cost of protecting information because in today’s environment, the “one size fits all” will no longer work within the complexity of most organization’s platforms that make up the I/T infrastructure. Information classification enhances the probability that controls will be placed on the data where they are needed the most, and not applied where they are not needed. Classification security schemes enhance the usage of data by ensuring the confidentiality, integrity, and availability of information. By implementing a corporate-wide information classification program, good organization practices are enhanced by providing a secure, cost-effective data platform which supports the organization’s business objectives. The key to the successful implementation of the information classification process is senior management support. The corporate information security policy should lay the fundamentals for the classification process, and be the first step in obtaining management support.
IDI risk assessment involves the integration of threat, vulnerability, and information. It involves deciding which protective measures to take based on a well-defined risk reduction strategy. Many models have been developed by which threats, vulnerabilities, and risks are integrated and then used to inform the allocation of resources to reduce