CIS560: Security Access and Control Strategies
The Human Element
Human nature is the single greatest vulnerability in any control system and cannot be ignored. Organizations should always take human behavior into account when designing access plans and strategies. Human beings can pose unintentional threats when they accidentally delete data. Hackers may be motivated by financial data when they attack a system or use social engineering skills to gain access to restricted data. Consider human nature and organizational behavior in this term paper.
Write an eight to ten (8-10) page paper in which you:
- Propose five (5) techniques that organizations should apply to mitigate the threats arising from human nature.
- Evaluate the consequences of a poor hiring decision. Propose steps that could be taken to prevent such bad decisions in the first place.
- Examine what an organization could possibly learn when a policy is implemented to observe personnel in an ongoing manner.
- Propose five (5) best practices that you would use to handle human nature and organizational behavior.
- Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
- Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
- Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
- Define proper security controls within the User Domain to mitigate risks and threats caused by human behavior.
- Use technology and information resources to research issues in access control.
- Write clearly and concisely about topics related to Security Access & Control Strategies using proper writing mechanics and technical style conventions.