The physical protection of Finman’s data will need to be protected by proper configuration and setup of data network infrastructure. Both thirds parties will need to ensure ACL systems are set and configured to ensure access and data flow is running properly. There is to be granted access to only privilege user’s assigned and agreed upon. Authentication and authorization is to be set in place to ensure protection with Finman’s data resources along with network resources. Authentication and authorization can be applied by enforcing Group Polices. Each third party will need to have proper verification set in place otherwise known as Third Party Verification (TPV). TPV will provide both parties to meet industry standards such as Federal Communication Commission and Federal Trade Commission. Backup solutions for data storage will need to be set in place to ensure integrity of Finman’s data and meets industry standards.
Statement of Intent
Auditing, encryption and threat management will need to be set in place to ensure no misuse of Finman’s resources are allowed. IT Security Management guidelines will need to be followed to ensure customers are educated and no misuse or abuse to Finman’s IT services or resources are allowed. Finman’s Intellectual property such as patents, copyrights, and trademarks are to be protected by identifying, labeling, locking it up, and educating employees. Utilizing Windows software trace preprocessor (WPP) can help with the tracing of software components.
IT service management (ITSM) focuses on control access by utilizing various functions, processes, and systems necessary to manage the full lifecycle of IT services ( IT Service Management by Ernest Brewster, Richard Griffiths, Adian Lawes and John Sansbury 2012). ITIL also provides guidance to ensure proper guidelines are followed which follow the ISO/IEC 2000 standard. Risk management, hardware devices, and communication are three approaches to applying proper security of intellectual and physical property. By requiring ACL systems to be set in place assists with authentication and authorization of data between Datanel, Minetek, and Finman.
ITSM ensures hardware devices are configured and set properly within the network infrastructure. This pertains to the setting up of firewalls, routers, and intrusion detection and protection systems. Communication is to be followed along with Group Policies. GP’s will assist with managing the network systems between all three parties. For example secure network connections such as VPN’s can assist with secure connectivity with Finman’s LAN. Third Party Verification is required by the Federal Trade Commission to assist with protecting intellectual property and business among companies. Datanel and Minertek will need to follow the TPV and GP guidelines to properly protect Finman’s integrity, patents, and copyright laws.