Project Part 1
Security Policy Outline
First World Bank wants to provide banking services online to its customers. The institution estimates over $100,000,000 a year in online credit card transactions for loan applications and other banking services. According to a team that was formed, using a Linux and open source infrastructure would give an estimated annual cost savings, in licensing fees alone, of as much as $4,000,000. The goal for the assets, while using a Linux and open source infrastructure, would be to maintain the CIA triad (confidentiality, integrity, and availability) in the infrastructure. There are legislation, regulations, and federal and state laws governing ...
• security policy;
• organization of information security;
• asset management;
• human resources security;
• physical and environmental security;
• communications and operations management;
• access control;
• information systems acquisition, development and maintenance;
• information security incident management;
• business continuity management;
ISO/IEC 27001 is an internationally recognized best practice framework for an information security management system. It helps you identify the risks to your important information and put in place the appropriate controls to help reduce the risk.
• Identify risks and put controls in place to manage or reduce them
• Flexibility to adapt controls to all or selected areas of your business
• Gain stakeholder and customer trust that their data is protected
• Demonstrate compliance and gain status as preferred supplier
• Meet more tender expectations by demonstrating compliance
You could use a third-party data center and Linux-based software to reduce cost, utilizing many open source programs that are available from the internet for free. We know from the team what must be utilized: a database server, a web server, a file server, a Simple Mail Transfer Protocol (SMTP) server, and a Lightweight Directory Access Protocol (LDAP) server. These can be run on one server with virtualization software, saving on the cost of individual hardware, with a redundant backup set up the same way, still at a considerable savings.
"Home." ISO/IEC 17799:2005. N.p., n.d. Web. 23 Sept. 2015.
"ISO/IEC 27001 Information Security Management." ISO/IEC 27001 Information Security. N.p., n.d. Web. 23 Sept. 2015.