Develop a short (two-to-three page) job aid which explains the differences between authentication, authorization, and access control using common-sense examples

Step 11: Develop a Job Aid

Now that you have formulated your recommendation for authentication, authorization, and access control in Step 10, you are ready to begin developing a job aid that the HR managers can take to their departments after the presentation. This job aid will empower the HR managers to educate their staff on the topics of authentication, authorization, and access control in a simple and effective way to improve the security of their systems. The job aid will be distributed after the presentation.

Develop a short (two-to-three page) job aid which explains the differences between authentication, authorization, and access control using common-sense examples to help the reader understand the differences and the importance of each in protecting the organization’s information. The job aid should address all of the items listed below.

  • Define—in layman’s terms—authorization, authentication, and access control, and the relationships between them.
  • Identify and articulate examples that are easy to comprehend and that would resonate with your company’s leadership.
  • Describe the importance of authorization, authentication, and access control to the overall security of your organization. Use details of your company’s products/services and the need to protect them to emphasize the need for strong controls.
  • Step 12: Implementation Guidance PresentationIn response to the request from the CTO and VP of HR, you will develop a presentation for HR management which discusses how to limit access to specific types of data and protect vulnerable data from outside threats. You will explain the lineage of data, data ownership, and data-access related authentication, authorization, and access control. You will also take this opportunity to educate on the basic principles of data/network access control and to advocate for stronger access controls. You will develop an 18-20 slide presentation that clearly explains the principles of authentication, authorization, and access control, examines various models, and recommends a strategy for your organization. You will use the information that you have gathered in Steps 1 through 9. Make sure to include the following:
    • Describe authentication, authorization, and access control as an important security concept.
    • Evaluate the different models and examples of authentication, authorization, and access control.
    • Make the case for changes to your organization’s authentication, authorization, and access control policies/systems.
    • Present the recommended strategy.
    • Discuss how you will evaluate the effectiveness of the security program.
    Submit the presentation.
    Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.
    • 5.3: Support policy decisions with the application of specific cybersecurity technologies and standards.
    • 6.2: Create an information security program and strategy, and maintain alignment of the two.
    • 6.3: Integrate the human aspect of cybersecurity into an organization’s cybersecurity policy.
    • 9.3: Assess policies, processes, and technologies that are used to create a balanced approach to identifying and assessing risks and to manage mitigation strategies that achieve the security needed.

Step 12: Implementation Guidance Presentation

In response to the request from the CTO and VP of HR, you will develop a presentation for HR management which discusses how to limit access to specific types of data and protect vulnerable data from outside threats. You will explain the lineage of data, data ownership, and data-access related authentication, authorization, and access control. You will also take this opportunity to educate on the basic principles of data/network access control and to advocate for stronger access controls. You will develop an 18-20 slide presentation that clearly explains the principles of authentication, authorization, and access control, examines various models, and recommends a strategy for your organization. You will use the information that you have gathered in Steps 1 through 9. Make sure to include the following:

  • Describe authentication, authorization, and access control as an important security concept.
  • Evaluate the different models and examples of authentication, authorization, and access control.
  • Make the case for changes to your organization’s authentication, authorization, and access control policies/systems.
  • Present the recommended strategy.
  • Discuss how you will evaluate the effectiveness of the security program.

Submit the presentation.

Before you submit your assignment, review the competencies below, which your instructor will use to evaluate your work. A good practice would be to use each competency as a self-check to confirm you have incorporated all of them in your work.

  • 5.3: Support policy decisions with the application of specific cybersecurity technologies and standards.
  • 6.2: Create an information security program and strategy, and maintain alignment of the two.
  • 6.3: Integrate the human aspect of cybersecurity into an organization’s cybersecurity policy.
  • 9.3: Assess policies, processes, and technologies that are used to create a balanced approach to identifying and assessing risks and to manage mitigation strategies that achieve the security needed.
Uncategorized
All Rights Reserved, Essaysland.com
Disclaimer: