Thursday, March 7, 2019

Computer Security Examination Essay

Healthcare companies, like ABC Healthcare, that operate as for-profit entities, are facing a multitude of challenges. The regulatory environment is becoming more restrictive, viruses and worms are growing more pervasive and damaging, and ABC Healthcare's stakeholders are demanding more flexible access to their systems.

The healthcare industry is experiencing significant regulatory pressures that mandate prudent information security and systems management practices. Furthermore, the continued pressure to reduce cost requires that management focus on streamlining operations, reducing management overhead and minimizing human intervention. The regulatory focus at ABC Healthcare is on the Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX). Both pieces of legislation highlight the need for good systems administration and controls, but focus on different aspects of the business. The main focus of HIPAA is to protect personally identifiable health information, while SOX is concerned with data that impacts financial reporting. Violations may be met with both civil and criminal penalties. Therefore, the company must be ever watchful of new threats to their systems, data, and business operations.

The most frequent security-related threat to ongoing business operations is the continued development and propagation of viruses and worms. Virus and worm prevention or containment is a vital component of the overall risk mitigation strategy. Virus and worm outbreaks have multiple cost aspects for the company, including lost patient charges due to system unavailability, lost productivity because of recovery efforts due to infection, and potential regulatory impacts depending on the virus or worm payload.
However, the company must balance risk with opportunities in order to serve the stakeholders and grow the business.

ABC Healthcare's stakeholders include multiple groups that depend on or need access to clinical and/or financial systems in order to help support and grow the company. The access requirements and associated risk model vary by user group. The main access groups are internal-only users (i.e. nurses, hourly employees, etc.), internal/external users (i.e. salaried employees, doctors, etc.), and business partners (i.e. collection agencies, banks, etc.). Risk mitigation solutions must be developed for each user group to help ensure that the company recognizes the benefit that each group brings and to minimize the risk to business operations.

The upper-level management goals of the network design implementation are as follows:

- Support the business and balance security requirements without introducing significant overhead and complexity
- Maintain and enhance security without significantly increasing management overhead or complexity
- Implement systems that are industry supported (standards where appropriate), scalable, and fault-tolerant
- Ensure that the design is implemented to help ensure compliance with any and all applicable regulations

Proper management of access control for legitimate users and malicious users is of the utmost importance for the security of the ABC Healthcare management system. The threat is not limited to outside malicious users but also includes legitimate users engaged in illegitimate activity.

Based on the above description, you are to provide a recommendation of how you would address each of the following ABC Healthcare computer network security requirements. Note, whereas cost is typically an important factor, this is not a consideration for this case analysis. Therefore, you do not need to include cost estimates.
Your solution should have the right look, despite the lack of depth or details necessary to be accepted by upper management. Be specific in your answers. Write them as if you were writing a proposal to your boss. Since you are developing a solution to a specific circumstance, material that is copied from an outside source will not likely fit, so everything should be in your own words.

1. Describe your technical recommendation for addressing the security requirements in the overall technical design of the ABC Healthcare network. This should include both internal and external (untrusted and trusted) aspects. Untrusted would include user connectivity to the Internet. The trusted network has the main purpose of supporting the business functions of known entities (i.e. partners, suppliers, etc.) which have a business relationship with the company. Note that you are to concentrate on the physical and logical level, including the type of computer hardware and software; however, you are not expected to provide specific low-level details in terms of equipment suppliers or model numbers, etc. for your recommended design. (30 points)
2.
3. Discuss the way you will address requirements for system monitoring, logging, and auditing, including complying with any statutory regulations. (10 points)
4. Describe how the system will identify and authenticate all the users who attempt to access ABC Healthcare information resources. (10 points)
5. Discuss how the system shall recover from attacks, failures, and accidents. (10 points)
6. Discuss how the system will address User Account Management and related security improvements. (10 points)
7. Complete the Cyber Security Action Plan (see attached spreadsheet). (30 points)
