SECURITY - GOVERNANCE - RISK - COMPLIANCE
SELECTED PROJECTS
WORKSTATION SECURITY FRAMEWORK
Client
Trusted Client, Financial industry
Categories
Security Transformation, IT Services
Completed
December 22, 2006
Project Budget
$550,000
Project length
8 months
Project Details
BACKGROUND
An organization within financial industry required an optimized process for workstation distribution and pre-set design for security. Project was part of an IT Security Transition work stream and functioned as a sub-project. The organization had multiple workstation platforms and images that were created by combining a variety of software components together and, needed to document security settings for each component that the Vendor was responsible for implementing on each workstation.
As Framework for Windows workstation security settings was need to be developed and implemented. Collectively, the documents were to become a framework, aka Workstation Information System Control Document. In general it was the Vendors responsibility for kernel and infrastructure components, including e-mail-system and Microsoft Office and client was responsibility for various add-on components.
CHALLENGE
The overall organization existed of 600+ users that average needed to renew workstation approximately every 3 years. The Security Transformation Work Stream Program was to create a new ordering model with supporting processes and procedures that streamlined all resources needs covering the whole organization.
It also needed to adhere to the transformation phase of the Global Corporate Cybersecurity Strategy and Governance journey the organization had started.
SOLUTION
In order to ensure a globally successful Workstation Security Framework, the project needed to document security settings for each component that IBM is responsible for. As sub-project to a larger transformation program, a Framework for Windows workstation security settings was developed and implemented. Collectively, these documents became a framework, aka Workstation Information System Control Document.
In general the Vendor was responsibility for kernel and infrastructure components, including e-mail systems, Microsoft Office. The organization was responsibility for various add-on components, including applications that could not be included in a digitilized pre-installed configuration.
RESULT
The overall set of completed deliverables included the framework and manuals for use by end users when requesting a new workstation.
The procurement was divided into different parts in order to ensure that scope was clearly defined.
The project was complete when components had been identified and Workstation Information System Control Document and associated with the Workstation Security Framework document had been produced, and successfully handed over to line organization.
Establish Workstation
Security Framework Program
Do you need similar expert help?
Contact Fogel Consulting through the contact form to receive further information and possibility to present your own case and business needs.
FOGEL CONSULTING
IT consulting service with support for development and maintenance in the form of consulting advice with focus on IT and Information Security and Risk Management. Support your adherence to Compliance (legal and regulatory requirements), and leading project implementation of management systems for control of IT and Information Systems (ISMS/LIS)
Get in Touch
ENABLE BUSINESS SUCCESS WITH PROFESSIONAL SECURITY SERVICES
© Copyright. All Rights Reserved