Wednesday, July 17, 2019

Computer Security Examination Essay

Healthcare companies, like ABC Healthcare, that operate as for-profit entities, are facing a multitude of challenges. The regulatory environment is becoming more restrictive, viruses and worms are growing more pervasive and damaging, and ABC Healthcare's stakeholders are demanding more flexible access to their systems.

The healthcare industry is experiencing significant regulatory pressures that mandate prudent information security and systems management practices. Furthermore, the continued pressure to reduce cost requires that management focus on streamlining operations, reducing management overhead and minimizing human intervention. The regulatory focus at ABC Healthcare is on the Health Insurance Portability and Accountability Act (HIPAA) and Sarbanes-Oxley (SOX). Both pieces of legislation highlight the need for good systems administration and controls, but focus on different aspects of the business. The main focus of HIPAA is to protect personally identifiable health information, while SOX is concerned with data that impacts financial reporting. Violations may be met with both civil and criminal penalties. Therefore, the company must be ever watchful of new threats to their systems, data, and business operations.

The most prevalent security-related threat to on-going business operations is the continued development and propagation of viruses and worms. Virus and worm prevention or containment is a critical component of the overall risk mitigation strategy. Virus and worm outbreaks have three-fold cost aspects for the company, including lost patient charges due to system unavailability, lost productivity because of recovery efforts due to infection, and potential regulatory impacts depending on the virus or worm payload.
However, the company must balance risk with opportunities in order to serve the stakeholders and grow the business.

ABC Healthcare's stakeholders include multiple groups that depend on or need access to clinical and/or financial systems in order to support and grow the company. The access requirements and associated risk model vary by user group. The main access groups are internal only users (i.e. nurses, hourly employees, etc.), internal/remote users (i.e. salaried employees, doctors, etc.), and business partners (i.e. collection agencies, banks, etc.). Risk mitigation solutions must be developed for each user group to help ensure that the company recognizes the benefit that each group brings and to minimize the risk to business operations.

The high-level management goals of the network design implementation are as follows:

Support the business and balance security requirements without introducing significant overhead and complexity

Maintain and enhance security without significantly increasing management overhead or complexity

Implement systems that are industry supported (standards where appropriate), scalable, and fault-tolerant

Ensure that the design is implemented to help ensure compliance with any and all applicable regulations

Proper management of access control for legitimate users and malicious users is of the utmost importance for the security of the ABC Healthcare management system. The threat is not limited to outside malicious users but also includes legitimate users engaged in illegitimate activity.

Based on the above description, you are to provide a recommendation of how you would address each of the following ABC Healthcare computer network security requirements. Note, whereas cost is typically an important factor, this is not a consideration for this case analysis. Therefore, you do not need to include cost estimates.
Your solution should have the "right feel", despite the lack of depth or detail necessary to be accepted by upper management. Be specific in your answers. Write them as if you were writing a proposal to your boss. Since you are developing a solution to a specific circumstance, material that is copied from an outside source will not likely fit, so everything should be in your own words.

1. Describe your technical recommendation for addressing the security requirements in the overall technical design of the ABC Healthcare network. This should include both internal and external (untrusted and trusted) aspects. Untrusted would include user connectivity to the Internet. The trusted network has the main purpose of supporting the business functions of known entities (i.e. partners, suppliers, etc.) which have a business relationship with the company. Note that you are to focus on the physical and logical level, including the type of hardware and software; however, you are not expected to provide specific low-level details in terms of equipment suppliers or model numbers, etc. for your recommended design. (30 points)

2.

3. Discuss the way you will address requirements for system monitoring, logging, and auditing, including complying with any legal regulations. (10 points)

4. Describe how the system will identify and authenticate all the users who attempt to access ABC Healthcare information resources. (10 points)

5. Discuss how the system shall recover from attacks, failures, and accidents. (10 points)

6. Discuss how the system will address User Account Management and related security improvements. (10 points)

7. Complete the Cyber Security implement Plan (see attached spreadsheet) (30 points)
