Level 2 Diploma Unit 11 IT Security Security Plan Level 2 Diploma Unit 11 IT Security
Assignment criteria P4 Create a security plan for a small office or home network P5 Implement a security plan P6 Test a security plan M3 Evaluate implemented security methods D2 Recommend and justify security improvements
Creation Create a security plan for a small office or home network What do we need in a security plan? Assessment of current position Risks Priorities Action items Resources
Assessment What is being assessed? Data and devices What is included?
Assessment Network and systems Current security Desktops Laptops Printers Servers Routers Internet connections Current security What items should be listed here?
Security items Spam filters Firewalls Updates Passwords Anti virus Spam filters Firewalls Updates Passwords Physical security Wireless security Web blocking Backups
Risks What risks do we need to consider? We need a risk assessment. Nature of risk Likelihood 1 = unlikely 5 = almost certain Consequence 1 = minimal 5 = catastrophic Overall risk L x C
Start your security plan The system you are evaluating is the current computing department system Your objective is to review the current arrangements assess the security risks evaluate whether security is effective make recommendations for improvements
Assessing the current system You can investigate yourself A lot of the security is similar in T208 and the computing department rooms You can ask questions You should also establish what data is being protected and whether there are levels of access
Risks Use the slides from the previous lessons to list the specific risks to this computing system