XYZ Health Care is a provider of health services to senior citizens. It performs its mission with a virtual force of Registered Nurses and Nurse Practitioners.
Remote Access Security Policy
Organization: XYZ Health Care Provider:
XYZ Health Care is a provider of health services to senior citizens. It performs its mission with a virtual force of Registered Nurses and Nurse Practitioners. The nurses visit their elderly patients in their homes and monitor their health. At the end of the day, the nurses are required to connect back to corporate networks and upload all of the patient records for the day. Keep in mind that this organization is subjected to HIPAA rules and its required to make the data available to its patients and authorized patient representatives within 48 hours.
Some of the RISKS:
• Brute force user ID and password attacks
• Users or employees unaware of the risks, threats, and dangers of the Internet and shard WI-FI or broadband Internet Access
• Multiple Access attempts and logon retries
• Unauthorized access to IT Systems, applications, and data
• Privacy data or confidential data is compromised remotely
• Data leakage occurs in violation of data classification standard
• A remote worker’s laptop is stolen
• A remote worker requires access to the patient medical records system through the Public Internet
Scope: Control Identification and Creation of a Remote Access Policy
Using or textbooks, internet and other resources, identify the necessary components / sections within a security policy and then craft the actual policy for XYZ Healthcare and address the risks within policy that are prevalent with Remote Access.
Your submission must include the following:
1) Control Matrix: A listing of the risk and 1 or more countermeasures to address the risk. (25 points)
2) A Section that identifies the necessary components of the policy and why they are important: This does not refer to the controls but more specifically sections within the policy. (You may research the Internet or SANS for sample policies, the sections were also discussed in class). (15 points)
3) The actual policy, when developing the policy please ensure that it can be used at XYZ Healthcare. (60 Points)
1) APA Format (Where applicable)
2) Minimum of 3 – 5 references
3) Safe – Assignment comparison will be done