You have been hired by the Board of Directors of RollinOn, Inc as the new IT Security Manager. RollinOn is a designer of premade and custom designed skates and skateboards. RollinOn has had some extreme growth in the area of e-Commerce over the past couple of years due to the addition of their custom design tools on their website. However, RollinOn has had some internal security issues. RollinOn hs had some very lax policies allowing employees to bring their own tablets and laptops, also known as bring your own device or BYOD, and access social media on the intranet. The Web application development team has increased in size and is also in need of sound security practices. There have been several instances of downloaded malware and the company website has been hacked on at least one (1) occasion.
Your main objective is to create an outline of a new IT security policy regarding the company’s web presence and lack of access control. Note: You may create and / or make all necessary assumptions needed for the completion of this assignment.
Part I: Written Section
Write a three to five (3-5) page paper in which you:
- Briefly explain the current state of Web application security to the Board of Directors.
- Describe the major potential security risks associated with maintaining the organization’s Web presence, protecting its assets, and promoting e-Commerce.
- Assess any techniques and technologies that you may need to use to mitigate those potential security risks.
- Create an outline of your new IT security policies for RollinOn. Be sure to relate your policies to the potential risks.
- Speculate on the most common types of resistance that you might encounter from employees when implementing your new IT policy.
- Use at least four (4) quality references in this assignment. Note: Wikipedia and similar Websites do not qualify as quality references.
- Format your assignment according to the following formatting requirements:
- Typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page is not included in the required page length.
- Include a reference page. Citations and references must follow APA format. The reference page is not included in the required page length.
Part II: PowerPoint Presentation
Create an eight to ten (8-10) slide PowerPoint presentation for the Board of Directors in which you:
8, Outline the major components of your new IT security Policy. Be sure to associate each policy with specific risks.
The specific course learning outcomes associated with this assignment are:
- Analyze the impact of the Internet and Web applications on the business world.
- Analyze the evolution of social media, social networking, and the ethical issues they raise.
- Compare and contrast Web-based risks.
- Analyze common Website attacks, weaknesses, and security best practices.
Grading for this assignment will be based on answer quality, logic / organization of the paper, and language and writing skills, using the following rubric.