A Security Plan Policy For An Dod Information Protection...

1. Introduction The Department of Defense (DoD) is America s oldest and largest government agency, with military traces dating way back to pre-Revolutionary times. The Department of Defense has since grown and evolved with the nation, hence becoming the national’s largest employer with over 1.4 million active duty soldiers, 1.1 million National Guard and Reserve forces, and 718,000 civilian personnel. With such a huge organization does come with a huge network, and security infrastructure network, and the burden to protect the information transferred or stored on that network. This means information is a strategic asset to the Department of Defense; it’s therefor the goal of this security policy to provide guidelines of implementing†¦show more content†¦Department of Defense assets such as security information shall be protected from loss of confidentiality, integrity, and availability; will be safeguarded, classified, and declassified in accordance with laws and regulations s et forth in the policy. Information asset is any information systems such as computers, data, network, smart phones and so forth. The physical asset is identified as buildings, land, people, any given geographical location owned or leased by DoD. And such assets will be only owned and used for DoD purposes. 4-2. Access Control Access control is a critical key for both physical and information security. This policy will ensure that unauthorized users cannot access DoD information by applying both logical and physical controls. All acceptable users are to be identified and authenticated before authorized access to information. The policy requires that all DoD users use multifactor authentication for authorization, meanings uses have to use at least two of the three authentication factors; something you know such as password and pin, something you have such as CAC card, something you are such as finger prints or retinal pattern. Accountability 4-3. Information Security The main goal of information security is to prevent the all network system from loss of confidentiality, integrity, and availability. All data and information transferred and stored on the DoD system will require encryption for protection of confidentiality. 4-4. Network