Remote Access Security
Policy
Organization: XYZ
Health Care Provider:
XYZ Health Care is a provider of health services to senior
citizens. It performs its mission with a
virtual force of Registered Nurses and Nurse Practitioners. The nurses visit their elderly patients in
their homes and monitor their health. At
the end of the day, the nurses are required to connect back to corporate
networks and upload all of the patient records for the day. Keep in mind that this organization is
subjected to HIPAA rules and its required to make the data available to its
patients and authorized patient representatives within 48 hours.
Some of the RISKS:
- Brute force user ID and password attacks
- Users or employees unaware of the risks, threats, and
dangers of the Internet and shard WI-FI or broadband Internet Access
- Multiple Access attempts and logon retries
- Unauthorized access to IT Systems, applications, and data
- Privacy data or confidential data is compromised remotely
- Data leakage occurs in violation of data classification
standard
- A remote worker’s laptop is stolen
- A remote worker requires
access to the patient medical records system through the Public Internet
Scope: Control Identification and Creation of a
Remote Access Policy
Using or textbooks, internet and other resources, identify
the necessary components / sections within a security policy and then craft the
actual policy for XYZ Healthcare and address the risks within policy that are
prevalent with Remote Access.
Your
submission must include the following:
1) Control
Matrix: A listing of the risk and 1 or
more countermeasure to address the risk. (25 points)
2) A
Section that identifies the necessary components of the policy and why they are
important: This does not refer to the
controls but more specifically sections within the policy. (You may research the Internet or SANS for
sample policies, the sections were also discussed in class). (15 points)
3) The
actual policy, when developing the policy please ensure that it can be used at
XYZ Healthcare. (60 Points)
Paper
Requirements
1) APA
Format (Where applicable)
2) Minimum
of 3 - 5 references
3) Safe
– Assignment comparison will be done