• Log In
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

Protection of Information Assets

Temple University

Protection of Information Assets

MIS 5206.701 ■ Fall 2022 ■ William Bailey
  • HomePage
  • Instructor
  • Syllabus
  • Schedule
    • First Half of the Semester
      • Unit #1: Understanding an Organization’s Risk Environment
      • Unit #2: Case Study 1 – Snowfall and stolen laptop
      • Unit #2: Data Classification Process and Models
      • Unit #3: Risk Evaluation
      • Unit #4 Case #2: Autopsy of a Data Breach: The Target Case
      • Unit #5: Creating a Security Aware Organization
      • Unit #6: Physical and Environmental Security
    • Second Half of the Semester
      • Unit #8 Case Study 3 – A Hospital Catches the “Millennium Bug”
      • Unit #9: Business Continuity and Disaster Recovery Planning
      • Unit #10: Network Security
      • Unit #11: Cryptography, Public Key Encryption and Digital Signatures
      • Unit #12: Identity Management and Access Control
      • Unit #13: Computer Application Security
  • Deliverables
    • Weekly Deliverables
      • “In the News” Articles
      • Answers to Reading Discussion Questions
      • Comments on Reading Discussion Question and Other Students’ Answers
    • Case Studies
    • Team Project
  • Class Capture Videos

Unit #2 – Question 3

September 24, 2022 by William Bailey 1 Comment

Assume you are tasked with designing a new policy that highlights information security best practices related specifically to mobile devices at RIT, including laptops, smartphones, and tablets. The new policy should supplement RIT’s Information Security Policy and Acceptable Use Policy (case Exhibits 4 and 5). What practices would you recommend? How could you make staff aware of the policy and encourage their compliance?

Filed Under: Unit 02: Case Study 1 - Snowfall and a stolen laptop Tagged With:

Reader Interactions

Comments

  1. Abayomi Aiyedebinu says

    October 12, 2022 at 12:11 am

    Let us assume I am saddled with the responsibility of designing a new Information Security
    Policy and an Acceptable Use Policy.
    According to Charlie Munger ‘knowing what you don’t know is more useful than being
    brilliant’ this is self-explanatory because in this case the Dean is brilliant, yet he did not
    understand the implication of some of his mistakes like not backing up his machine.
    ✓ Importantly, every system or machine belonging to RIT must be backed up
    automatically and not manually because it is a designated personal task and not the
    responsibility of the IT Support team.
    ✓ Periodically the review of sensitive information must be prioritised and not just upon
    event of hazards of whatever form. By this I mean the security (authorizations) must
    be reviewed and beefed up from time to time. So many people do not even know it is
    imperative to change passwords used for a while.
    ✓ Encourage duplication of extremely High priority data and information.
    ✓ Every User must setup a 2-step verification, by this I mean double surety against
    unauthorised invasion.
    ✓ Provision of training, highlighting the pitfalls in disregarding information security
    tips and intelligence and stipulating penalties to enforce responsibility and sensitivity
    on every user.
    Acceptable Use Policy
    This document constitutes RIT’s policy for the proper use of all computing and network
    resources, User privileges, responsibilities, guidelines as well as procedures for RIT computer
    systems and networks.
    All the policies inherent in Appendix 5 is of impeccable standard however, ignorance does a
    lot of evil than good, so it is significant to enlighten the Users, as well as emphasise on the
    penalties apportioned to defaulters to stir up their sensitivity to the importance of these
    policies especially if it is because of negligence

    Log in to Reply

Leave a Reply Cancel reply

You must be logged in to post a comment.

Primary Sidebar

Weekly Discussions

  • Unit 01: Understanding an Organization's Risk Environment (5)
  • Unit 02: Case Study 1 – Snowfall and a stolen laptop (6)
  • Unit 02: Data Classification Process and Models (6)
  • Unit 03: Risk Evaluation (6)
  • Unit 04: Case Study 2 – Autopsy of a Data Breach – The Target Case (4)
  • Unit 05: Creating a Security Aware Organization (6)
  • Unit 06: Physical and Environmental Security (6)
  • Unit 08: Case Study 3 – A Hospital Catches the "Millennium Bug" (3)
  • Unit 09: Business Continuity and Disaster Recovery (6)
  • Unit 10: Network Security (6)
  • Unit 11: Cryptography, Public Key Encryption and Digital Signature (6)
  • Unit 12: Identity Management and Access Control (6)
  • Unit 13: Computer Application Security (6)
  • Welcome (1)

Copyright © 2025 · Course News Pro on Genesis Framework · WordPress · Log in