Paper #3: Compare / Contrast Two State Government IT Security Policies Scenario: Volunteers have been recruited to help state governments improve their cybersecurity practices. The coordinating committee has decided that the first task these volunteers undertake will be a comparative analysis which examines the strengths and weaknesses of existing IT Security Policies for state governments (agencies and offices of the executive branch under the leadership of the state governors). Since you volunteered early, you have your pick of any two states’ IT Security Policies from the list published by the Multi-State Information Sharing and Analysis Center (MSISAC). (See item #1 under Research.) Research: Select two state government IT Security Policies. Use the list at https://msisac.cisecurity.org/state/ (if you encounter a broken link, you may search for that state’s policy or choose a different state). Download and review your selected state governments’ IT Security Policy documents. Develop five or more points which are common across the two documents. (Similarities) Identify and review at least three unique items in each document. (Differences) Research best practices for IT Security and/or IT Security Policies for state governments. Here are two sources which you may find helpful: http://www.nascio.org/Portals/0/Publications/Documents/Deloitte-NASCIOCybersecurityStudy_2014.pdf http://www.nascio.org/Portals/0/Publications/Documents/NASCIO-SecurityFrameworks.pdf Using your research and your comparison of the two policy documents, develop an answer to the question: Why should every state government have an IT security policy for state agencies and offices under the state’s executive branch? Write: Write a five (5) to eight (8) page white paper in which you summarize your research and discuss the similarities and differences between the two IT security policy documents. You should focus upon clarity and conciseness more than length when determining what content to include in your paper. At a minimum, your white paper must include the following: An introduction or overview of IT Security Policies for the executive branch of state governments (covering state agencies and offices in the executive branch including the governor’s office). Explain the purpose of an IT security policy and how it is used. Answer the question: why should every state in the nation have a comprehensive IT security policy for state agencies and offices? (Make sure that you address the importance of such strategies to small, resource-poor states as well as to large or wealthy states.) A separate section in which you discuss the common principles and policy sections / statements (similarities) found in both IT security policy documents. A separate section in which you discuss the unique aspects of the first state’s IT security policy document. A separate section in which you discuss the unique aspects of the second state’s IT security policy document. A section in which you discuss your evaluation of which state government has the better of the two IT security policy documents. You should also present best practice based recommendations for improvements for both IT security policy documents. (Note: you may have different recommendations for the individual policies depending upon the characteristics of each document.) A separate section in which you summarize your research and recommendations. Submit For Grading Submit your white paper in MS Word format (.docx or .doc file) using the OPEN Data Assignment in your assignment folder. (Attach the file.) Additional Information Your white paper should use standard terms and definitions for cybersecurity concepts. The following sources are recommended: ISACA Glossary http://www.isaca.org/pages/glossary.aspx Guidelines on Security and Privacy in Public Cloud Computing http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-144.pdf You are expected to credit your sources using in-text citations and reference list entries. Both your citations and your reference list entries must comply with APA 6th edition Style requirements. Failure to credit your sources will result in penalties as provided for under the university’s Academic Integrity policy. Use APA 6th edition style (formatting) for the organization and appearance of the MS Word document that you submit to your assignment folder. This includes margins, section headings, and consistent use of fonts (Times New Roman 12 in black), paragraph styles (first line indent by ½ inch), and line spacing (double). Formatting requirements and examples are found under Course Resources > APA Resources. Your file should contain both a title page and a separate References page. Use page breaks to ensure that the title page and references page are separate from the body of the paper. You are expected to write grammatically correct English in every assignment that you submit for grading. Do not turn in any work without (a) using spell check, (b) using grammar check, (c) verifying that your punctuation is correct and (d) reviewing your work for correct word usage and correctly structured sentences and paragraphs.

    Legislation IT Confidence Policies

    Introduction

    The recite legislation applies the reason of IT Confidence Policies among uncertain agencies and offices to husband basis and instruction. Grounded on the ample basis that applies to the recite provinces, the policies are material and are a backbone towards handling basis. These drawings are too open touching laws that are required to appliance and practise reasonable confidence arrangementes and practices. The IT Confidence is pertinent in that it assists to cbalance perceptive instruction from unacknowledged entitys who may bankruptcy to earn adit to it and reason it abutting the recites. Confidence duty of legislation websites talllights husbandment of opportunities and threats (Zhao & Zhao, 2010). Too, the policies are pertinent in that they stipulation how instruction is reasond, qualified or smooth disclosed to uncertain parties. It is consequently material that each of the recites should entertain such policies that can curb adit towards basis and instruction that is reputed to be perceptive. Ample recites entertain the utility in that they entertain a unreserved adit towards media that can be reasond to objectue in IT Confidence. An effigy is material, and the open recites can practise this through objectuement in IT Confidence details. Referable attributable attributableably, these strategies are too pertinent to those recites that are stipulationed material rational as a practice of managing the weak that they entertain.

    Spiritless Substances Among the Wieldment Recitements Of Maryland And Alabama Recites

    One of the substances that are spiritless among the brace-recite policies of Alabama and Maryland is instruction confidence through objectuement in a tcomplete equalize of commitment. There is an face of authorization and evidence that is sought to cbalance and secreteion basis and instruction from unacknowledged entitys. The brace recites entertain applied basis and password encryption technology with the conduce of ensuring that basis is simply aditible to simply those living-souls who is required to adit it.  Encryption is reasond to fastenly grant biometric basis balance any network (Glass et al., 2001). Referable attributable attributableably, there is too the atom of firewalls and monitoring schemes that contribute a tcomplete equalize of confidence. Legislational provinces can disclose effectively extraneously instruction leakage grounded on the tcomplete class of secreteion that has been prostrate in firmtle. It is too speaking referable attributable attributableing that the brace recites entertain applied the reason of adit curb strategies that fasten that there is a tcomplete equalize of confidence which is talllighted in the wieldment muniments and standards. There is too a defined reasonr province when it comes to adhering to the standards that entertain been firm.

    Unique Faces of The Alabama Recite IT Confidence Wieldment Muniment

    Alabama has a cyber-confidence webposition that relies on the internet to divide particular instruction (Youngblood, 2014). The position incorporates a catalogue of confidence knownness media that are beneficial in managing how tribe disclose. Ce specimen, it has tips, tools, and tutorials that compel it wieldable ce workers to come fasten when they are online. It is meliorate firmtled to compel legislation agencies secreteion their basis and instruction abutting charybdis to unacknowledged entitys (Kapucu et al., 2010). Additionally, the wieldment contains Cyber Confidence Distinct Exculpations that deals with an fertile cem in which incidences earn handled. It incorporates distinct reporting and handling which is an palliable practice of sanative any adverse consequences that inaugurate. The reason of Bluetooth technology is too talllighted in the wieldment muniment as an bearing towards wireless technology. It is an emerging result in the technology sector that has made message easier.

    Unique Faces in The Maryland Recite IT Confidence Wieldment Muniment

    Service Interface Beneathtaking is an restricted area that is contained among the wieldment and is reasond to govern adit to apparent networks. It contributes that apparent schemes are simply recognized to embody following plaudit are assessed. The plaudits earn contributed by the Service Interface Beneathtaking which is facilitated by the Recite Agency and the entrusted entity. The beneathtaking contains the term of the embodyion as courteous-behaved-behaved-behaved as requirements that the structure should cbalance the IT possessions. Contingency Drawingning is another imported atom that is contributed in the wieldment where there is a product of IT Disaster Recovery Drawing. The influence of the drawing seeks to impress as a drawing B proportioned in instance there is any question that earns encountered in the schemes (Tipton & Krause, 2003). Audit and accountability curb requirements is another face of the wieldment and are pertinent in that is fastens that those chargeable on ce the schemes are agreeing in instance there is a basis violation. Audit archives should be utilityed ce complete the confidence smoothts that beneathstand secreteion and scheme characterary adit.

    Best Maryland and Alabama IT Confidence Wieldment Muniment

    The recite of Maryland has the best wieldment when it comes to the secreteage of Instruction Technology confidence. It talllights the responsibilities and roles of each of the parties that are seasoned among the message arrangement. These are province of IT, Agency as courteous-behaved-behaved-behaved as the workers and contractors. It too has a minority that contributes details encircling Social Media Wieldment and requires that an intellectual service is made in impressing as a guiding substance. Maryland should objectue aggravate towards grafting and educative the employees encircling how they are required to husband the reason of technology. Many of them object up exposing basis and instruction grounded on the bankruptcy of know-how of how they must husband some devices. There is a insufficiency to entertain the schemes updated balance period so that they are in course with the incongruous changes globally (Orchier et al., 2000). Alabama earn be required to entertain inside personnel to-boot having imported confidence firms earn stay of their confidence audits and inspections. It would be meliorate to entertain results from brace parties and then start a equidistant segregation to unmask the similarities and differences that be. The card adit curb arrangement which is contained in the wieldment should too be assessed and updating husbandd on then cards constantly. The agitate earn cbalance the cards from uncertain abandons and threats that can conclusion from hacking future exposing instruction.

    Research and Recommendations

    Research

    Protection and confidence of technological devices stay a extreme control ce the Maryland and Alabama nations as courteous-behaved-behaved-behaved as other countries. Many confidence instances entertain been reputed in these countries where a relative recite has lost perceptive basis and instruction to unacknowledged parties (Zhao & Zhao, 2010). In this instance, it is tallly pertinent that any recite legislation should be discriminating towards facilitating IT Confidence policies. The drawings and procedures that earn talllighted beneath the drawing supply ce the recite agencies and offices that are beneath the adherent. Numerous details wheel about basis and instruction that is considered to be perceptive. It is in this ask-ce that confidence solicitudes are ordinary to cbalance and secreteion such details. Instances of hacking entertain characterized the global environment, and this has led towards charybdis of secret and perceptive instruction. Hackers entertain reasond such basis and instruction to ask-ce that the recite impresss upon their requests demand to which they surrender it to the exoteric. Threats entertain made gotten directed to these countries, and this has unsupposable them where at periods they entertain to furnish in to cbalance their effigy to the cosmos-people.

    Recommendations

    It would be recommendable frequently to fasten that schemes are updated so that they are in course with the general technology. In instances where the devices and tools are utilizing preceding arrangementers, it surrenders them to instances of hacking. New easy schemes comes with iron mechanisms such as firewalls which are grievous to split and past hackers entertain referable attributable attributable attributable bequeathed practices of doing so, they are fasten and fasten (Allen, 2001). Each day, there are attempts by cyber-criminals to aggression schemes and rend operations as courteous-behaved-behaved-behaved as purloin instruction. Many of these recites are increasingly entity targeted, and these threats entertain continued to impress as a abandon to their operations. Consequently, it is material that each of the recites prioritizes cyberconfidence as a original solicitude among the legislation.

    Notably, the recites should too fasten that they utility monitoring and evaluation arrangementes that can be reasond to binder trail of how the schemes are easy. In instance there is an result, sanative measures can be prostrate in firmtle to cbalance basis violation. Partnerships with uncertain stakeholders affect referable-public structures can too go a desire practice towards comely the recite of confidence (Bush, 2009). These structures may entertain machinery that the recites that do referable attributable attributable attributable entertain and can reason it to contribute a tall-object confidence and secreteion of basis and instruction. Grafting and education are instrumental in ensuring that the workers are known of the cem in which the uncertain tools and devices among the recite legislation character. Legislation employees should be contributed with methodic seminars that cbalance schemes operations.

    References

    Allen, J. H. (2001, May). Cert scheme and network confidence practices. In Proceedings of the Fifth Exoteric Colloquium ce Instruction Schemes Confidence Education (NCISSE’01), George Mason University, Fairfax, VA USA (pp. 22-24).

    Bush, G. W. (2009). The exoteric confidence policy of the United Recites of America. Wordclay.

    Glass, R., Salganicoff, M., & Von Seelen, U. C. (2001). U.S. Patent No. 6,332,193. Washington, DC: U.S. Patent and Trademark Office.

    Kapucu, N., Asian, T., & Collins, M. L. (2010). Examining intergovernmental and inter-organizational exculpation to catastrophic disasters: Toward a network-centered bearing. Legislation & Society, 42(2), 222-247.

    Orchier, J., Soriano, R., Salvaterra, L., Ardito, D., & Byreddy, A. (2000). U.S. Patent No. 6,070,244. Washington, DC: U.S. Patent and Trademark Office.

    Tipton, H. F., & Krause, M. (2003). Instruction confidence husbandment handbook. CRC Press.

    Youngblood, N. E. (2014). Revisiting Alabama recite webposition aditibility. Legislation Instruction Quarterly, 31(3), 476-487.

    Zhao, J. J., & Zhao, S. Y. (2010). Opportunities and threats: A confidence duty of recite e-legislation websites. Legislation Instruction Quarterly, 27(1), 49-56.