ORDER A SIMILAR PAPER NOW

Introduction

In this assignment, you will develop strategies to protect the data and file systems of a fictitious software development company.

The specific course learning outcome associated with this assignment is:

• Determine an access control strategy based on existing documents.

This course requires the use of Strayer Writing Standards (SWS). The library is your home for SWS assistance, including citations and formatting. Please refer to the Library site for all supports. Check with your professor for any additional instructions.

Scenario

Independent Software Incorporated (ISI) is a small software development company with eight employees that work at the home office. Their primary accounts are associated with major market retailers, the federal government, and large state governments. The computer environment for ISI contains a Linux file and print server, a Linux Web server, and ten heterogeneous workstations running multiple operating systems. ISI’s coding development projects often encompass classified information and personally identifiable information (PII).

Instructions

Write a 2- to 4-page paper in which you:

• Explain why ISI needs an access control plan and the goals of the plan, citing specific, credible sources that support your assertions and conclusions.
• Develop at least three-layered access security strategies that can be used to protect ISI’s data at rest, data in motion, and file systems; citing specific, credible sources that support your proposed strategies.
• Explain a best practice process and procedures for implementing ISI’s access security strategies and the overall framework in which they will reside, citing specific, credible sources that support your assertions and conclusions.
• Describe the verification process that can be used to ensure that ISI’s access control plan is effective, citing specific, credible sources that support your assertions and conclusions.
• Explain how ISI’s verification process will be maintained and updated in response to future changes in access requirements.
• Support your main points, assertions, arguments, or conclusions with at least three specific and credible academic references synthesized into a coherent analysis of the evidence.​​​​​​
  • Cite each source listed on your source page at least one time within your assignment.
  • For help with research, writing, and citation, access the library or review library guides.
• Write clearly and concisely in a manner that is well-organized; grammatically correct; and free of spelling, typographical, formatting, and/or punctuation errors.
  • Use section headers in your paper to clearly delineate your main topics.

 

Struggling with where to start this assignment? Follow this guide to tackle your paper easily!

Step-by-Step Guide to Writing the Access Control Strategy Paper

---

Step 1: Use Proper Paper Structure (Required)

Your paper should be 2–4 pages and include the following clearly labeled section headers:

1. Introduction

2. Need for an Access Control Plan and Its Goals

3. Layered Access Security Strategies

4. Implementation Best Practices and Framework

5. Verification of Access Control Effectiveness

6. Maintaining and Updating the Verification Process

7. Conclusion

8. References

---

Step 2: Explain Why ISI Needs an Access Control Plan

In this section:

• Describe ISI’s environment (small company, Linux servers, heterogeneous workstations).

• Explain risks associated with:

  • Classified data

  • Personally identifiable information (PII)

  • Government and enterprise clients

• Clearly define the goals of the access control plan, such as:

  • Confidentiality

  • Integrity

  • Availability (CIA Triad)

  • Least privilege

  • Regulatory compliance

✔ Support claims with credible cybersecurity sources (e.g., NIST, ISO).

---

Step 3: Develop Three-Layered Access Security Strategies

You must address three layers and three data states:

A. Data at Rest

Examples:

• Role-Based Access Control (RBAC)

• File system permissions (Linux ACLs)

• Disk and database encryption

B. Data in Motion

Examples:

• TLS/SSL encryption

• Secure VPN access

• Secure file transfer protocols (SFTP)

C. File Systems

Examples:

• Centralized authentication (LDAP, Active Directory integration)

• Multi-factor authentication (MFA)

• Logging and access auditing

🔹 Explain how each layer protects ISI’s sensitive data
🔹 Cite sources for each proposed strategy

---

Step 4: Explain Best Practices for Implementation

In this section:

• Describe a structured process for implementing access controls:

  • Risk assessment

  • Role definition

  • Policy development

  • User provisioning

  • Training and awareness

• Identify the framework supporting the strategies, such as:

  • NIST SP 800-53

  • NIST Cybersecurity Framework

  • ISO/IEC 27001

✔ Clearly explain why this framework is appropriate for ISI

---

Step 5: Describe the Verification Process

Explain how ISI can verify that its access control plan is effective:

Examples include:

• Regular access reviews

• Log monitoring and audits

• Penetration testing

• Vulnerability assessments

• Compliance checks

🔹 Tie verification methods back to organizational goals and risk reduction
🔹 Support with academic or government cybersecurity sources

---

Step 6: Explain How the Plan Will Be Maintained and Updated

In this section:

• Discuss how ISI can adapt to:

  • New employees

  • New technologies

  • Changing regulations

  • New client requirements

• Include:

  • Periodic policy reviews

  • Continuous monitoring

  • Change management procedures

✔ Emphasize scalability and sustainability

---

Step 7: Use Strong Academic Support

You must:

• Use at least three credible academic sources

• Cite each source at least once in the paper

• Follow SWS citation and reference formatting

Recommended source types:

• NIST publications

• Peer-reviewed cybersecurity journals

• Government or standards organizations

---

Step 8: Writing and Quality Checklist

Before submitting, confirm that your paper:
✔ Uses clear section headers
✔ Is well-organized and concise
✔ Is free of grammar, spelling, and punctuation errors
✔ Synthesizes sources rather than listing them
✔ Meets the 2–4 page requirement

---

Helpful Research Resources

• NIST Access Control Guidelines: https://csrc.nist.gov/publications

• NIST Cybersecurity Framework: https://www.nist.gov/cyberframework

• ISO/IEC 27001 Overview: https://www.iso.org/isoiec-27001-information-security.html

• Strayer Writing Standards (SWS): https://library.strayer.edu/sws

 

ORDER A SIMILAR PAPER NOW