Unit 1 Assignment 2: Impact of a Data Classification Standard
When you hear “internal use only”, you automatically can assume that it’s restricted access to anyone not an employee of that company. So if you wanted to access your company’s website from home or anywhere, you would need company credentials to log in. Otherwise, you will not be able to do this at any point in time anywhere. This type of policy is implemented because companies do not want to allow security threats to reach into the system. With this said, of the seven domains within the IT infrastructure, three of them are affected by this policy.
The first IT infrastructure affected by internal use only classification is the User Domain. The user domain defines the people who access an organization’s information system. The user domain also will enforce an acceptable use policy (AUP) to define what each user can and cannot do with any company data shall he or she have access to it. As well as with company users, any outsiders, contractor’s or third party representatives shall also need to agree and comply with the AUP. Any violation will be taken up with management and / or the authorities to access further punitive action.
The “Work Station Domain” is where most users connect to the IT infrastructure. This domain is made up of the devices that employees use to connect to the IT infrastructure. No personal devices or removable media may be used on this network. All devices and removable media will be issued by the company for official use only. The domain requires a strong security and controls because this is where users first access the system. If you can have unauthorized user access situation; make sure you have a strong password and screen lockout policy in place. If