Write a two-page internal policy that includes the following: Summarize the regulatory requirements and the reason(s) Red Clay needs the

Write a two-page internal policy that includes the following: Summarize the regulatory requirements and the reason(s) Red Clay needs the

Learning Goal: I’m working on a cyber security discussion question and need an explanation and answer to help me learn.

Review the course readings and the Red Clay Renovations company profile for background information before responding to this discussion question.

The Red Clay Board of Directors tasked the company’s IT Governance Board to develop a new remote access policy for teleworkers and employees traveling on business (including local area travel to client sites). This policy is required to help mitigate risks associated with remote access into the company’s customer information database.The Board of Directors is concerned about exposure of customer’s personal information to unauthorized individuals. At a minimum, the policy must address the use of virtual private networking by teleworkers when using company or personal equipment to access the company’s servers from outside company offices.

The need for updated remote access guidance arises from three regulatory requirements:

1) PCI-DSS (credit card and transaction information)
2) HIPAA Security Rule (health related information)
3) Red Flags Rule (consumer credit information: identity theft prevention).

Write a two-page internal policy that includes the following:

1. Purpose: Summarize the regulatory requirements and the reason(s) Red Clay needs the remote access policy.

2. Scope: Summarize the regulatory requirements as they apply to employees’ remote access to customer information which Red Clay collects, processes, manages, and stores.

3. Policy: Write at least ten policy statements addressing how Red Clay employees should ensure the security of computers, laptops, and other mobile devices used for remote access into the company’s networks and servers. Your policy must specifically address the use of a VPN. Your policy must also include consequences and/or penalties for inappropriate or unauthorized disclosures of customer information due to the employees’ failure to comply with this policy.

Provide in-text citations and references for 3 or more authoritative sources. Put the reference list at the end of your posting. Make sure you use the discussion rubric as well as the above information to ensure you include all the required elements in your discussion response.

Answer preview for Write a two-page internal policy that includes the following: Summarize the regulatory requirements and the reason(s) Red Clay needs the

CSI
APA

829 Words