Assignment 1: Privacy, Laws, and Security Measures
You are an information security manager for a large retail sporting goods store. The sporting goods store is involved in the following in which they:
Maintain an internal network and an intranet protected by a firewall
Maintain a Web server in the DMZ that is protected by another firewall
Accept credit card sales in the store and over the Web via e-Commerce transactions
Maintain an email server for employee email communication and communication with other business partners and customers
Maintain a wireless network within the store
Use RFID for inventory and theft prevention
Maintain a Facebook presence
Provide health screening for high blood pressure, high cholesterol, and other potential health risks
The CEO is concerned about the amount of information that is being collected and maintained within the organization.
Write a three to five (3-5) page paper in which you:
Describe the major privacy issues facing organizations today.
Analyze the major privacy issues described above and compare that to the potential privacy risks facing the sporting goods store.
Explain the security risks and applicable laws that govern the privacy risk.
Describe the security measures that the organization needs to implement to mitigate the risks.
Use at least three (3) quality resources in this assignment. Note: Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required page length.
The specific course learning outcomes associated with this assignment are:
Explain the concept of privacy and its legal protections.
Use technology and information resources to research legal issues in information security.
Write clearly and concisely about information security legal issues and topics using proper writing mechanics and technical style conventions