Email Security Plan for Global Widgets Inc.

Components of a Secure Email System

In your role as information security professional serving the CIO, you have been asked to create a 6–8 page e-mail security plan that will become part of the corporate knowledge base. Use the organization and characteristics described in the Case Study: Global Widgets Inc. document found in the Required Resources as the context in which to create your plan. Include the following in your professionally-formatted plan:

 

1.Diagram and describe the basic components of the secure e-mail system.

 

2.Discuss how a move to the cloud will affect your e-mail security plan.

 

3. Describe threats and vulnerabilities that are specific the organization's secure e-mail management system.

 

4.Explain the role that anti-malware software will play in securing e-mail. What software would you use? Why?

 

5. Describe the technical controls that you will employ to enforce e-mail security policy. Describe personnel controls that are available to enforce e-mail security policy. describing  core principles and practices related to enterprise e-mail systems,  including descriptions of secure e-mail practices within the context of the provided case study.

 

Questions to Consider To deepen your understanding, you are encouraged to consider the questions below and discuss them  with a fellow learner, a work associate,  an interested friend, or a member of the business  community. There are few applications that introduce as much inherent risk to  the information assets of an  organization  than do e-mail applications. There are a wide range of technical controls that can be  applied to mitigate these risks, however the largest and least manageable risk is the human risk.

 

1. What are some of the strategies that can be used to ensure that enter rise e-mail u do malware into the internal network through Resources ial em use organization system Bob eat.

 

The following  resources are required to complete the assessment. Capella Resources Click the link provided to view the following  resource:

 

Case Study: Global Widgets Inc.

 

The following  optional resources are provided to support you in completing  the assessment or to  provide a helpful context. For additional resources, refer to the Research Resources and  Supplemental  Resources  in the left navigation menu of your courseroom. Capella Resources Capella University  is pleased to offer the Information Security Career Central Web site as a  resource to all learners in this field. At this site, you can participate in discussions of current  topics in the information assurance and security field. You can browse the site for resources and  helpful links, as well as for upcoming events such as conferences.

Effect of Cloud Migration on Email Security

 

Library Resources

The following e-books and articles from the Capella University Library are linked directly in this course.

 

Tipton, H. F., & Krause Nozaki, M. (2012). Information security management handbook, volume 6, 
(6th ed.). Boca Raton, FL: CRC  Press. Chapter 2,   "E-Mail Security."

Gibson, D. (201 1). Microsoft: Windows security essentials. Indianapolis,  IN: Wiley  Publishing. o   Chapter 10 , "Enforcing  Confidentiality With Encryption." Course Library Guide

A Capella University  library guide has been created specifically  for your use in this course. You  are encouraged to refer to the resources in the IT-FP4070 Cyber Defense and Countermeasures Library  Guide to help direct your research.

 

Internet Resources Access the following  resources by clicking the links provided. Please note that URLs change frequently. Permissions  for the following  links have been either granted or deemed appropriate   for educational use at the time of course publication.

 

Cisco. (201 4). Cisco email security architecture I Transcript [Video]. Retrieved from  http://www.youtube.com/watch?v=JYOwaoiTwLs

 

 Enterprise  Risk Management.  (2014).  Email security: When good news poes bad |  Transcript [Video]. Retrieved from http://www.youtube.com/watch?v=tkgLHoaFeFk
EPCGroup.net.  (201 3). Core solutions of Exchange  Server, 2013, part b, configuring  administrative security and auditing I Transcript [Video]. Retrieved from 
http://www.youtube.com/watch?v=uAqX7TGahPg

Integra. (2013).  Email in the cloud: Spend less/get more with a hosted Microsoft Exchange |  Integra Webinar |  Transcript [Video]. Retrieved from http://www.youtube.com/watch?v=AH2Ysw744U8

TechEd North America. (2014).  Encryption in Microsoft Office  http://www.youtube.com/watch?v=6AOil 

 

Assessment  Instructions

In your role as information security professional  serving  the CIO, you have been asked to create  a 6—8 page e- mail security plan that will become part of the corporate knowledge  base.

 

Use the organization  and characteristics described in the Case Study: Global Widgets Inc. document  found in the Required Resources as the context in which to create your plan. Include the following  in your professionally-formatted plan:

 

1. Diagram and describe the basic components  of the secure e-mail system.

2. Discuss how a move to the cloud will affect your e-mail security plan.

3. Describe threats and vulnerabilities that are specific the organization's secure e-mail 
management system.

4. Explain the role that anti-malware software will play in securing  e-mail. What software would 
you use? Why?

5. Describe the technical controls that you will employ to enforce e-mail security policy.

6. Describe personnel controls that are available to enforce e-mail security policy.

7. Written communication: Written communication is free of errors that detract from the overall  message. APA formatting: Resources and citations are formatted according to current APA style.

Length: 6—8 pages, excluding the references page.

Font and font size: Times New Roman, 12 point.

 

E-mail Security Scoring Guide Use the  scoring guide to enhance your learning.

 

8. How to use the scoring  guide This button will take you to the next available assessment attempt tab, where you will be able to  submit your assessment.