reply to discussion below

/in /by

Red Clay Renovations is a very famous organization who is well-known for home renovation (King, 2018). With the focus of Red Clay Renovations being towards that of specifically real estate-related fields, information technology must be emphasized to ensure true protection in terms of cybersecurity. This is important for cybersecurity, and why each field office must have a separate System Security Plan.

Red Clay Renovations has one main site and several out-sites. The main site is at Owing Mils, Maryland. The out-sites, also known as field officers, are in Philadelphia, Baltimore, and Delaware (King, 2018). Additionally, many employees work-at-home, utilizing Red Clay’s tele-work policy. In spite of this, more measures are needed, such as System Security Plans (SSPs). While these System Security Plans may be very similar, it will be very difficult to ensure that they are all the same due to different Standard Operating Procedures (SOPs) that are region-specific (Swanson, et al. 2006). This is because of differing IT architecture at all locations, preventing the exact same System Security Plan to be used for all locations.

The System Security Plan will identify specific information systems and categorize them accordingly, in conjunction with standards such as FIPS 199, Standards for Security Categorization of Federal Information and Information Systems (Department of Energy, 2019). It will also assign specific roles and responsibilities, which will obviously vary by office due to different personnel in each office, thus making separate System Security Plans a necessity (Federal Communications Commission, 2014). Additionally, these plans discuss information sharing and security controls in an in-depth manner, ensuring the utmost cybersecurity protection for Red Clay Renovations, at-large.

In the case of Red Clay Renovations, some of the items listed might be the hardware utilized for the web server and the email server for the company in the Owing Mills facility. Additionally, more hardware and software that may appear include Windows Server 2012 for server systems, Windows 10 Enterprise for operating systems, and Dell-branded computers for laptops (King, 2018). However, while this may seem similar on its surface, the offices are ultimately different due to the “smart” office IT architecture implemented in Baltimore, Philadelphia, and Wilmington. This also utilizes servers, but also uses things like a local area network and smart device controllers to enable business functions for Red Clay Renovations.

Therefore, Red Clay Renovations must have different System Security Plans. It is important to implement System Security Plans, and it is also important to understand that not all locations will share the identical one for Red Clay Renovations.

References

Department of Energy (2019). Sample Information System Security Plan. Retrieved from https://www.emcbc.doe.gov/SEB/WVDP_Technical_Servi…

Federal Communications Commission. (2014). Cybersecurity planning guide. Retrieved from https://transition.fcc.gov/cyber/cyberplanner.pdf

King, V. J (2018). Red Clay Renovations Company Profile. Retrieved from https://learn.umuc.edu/d2l/le/content/349440/viewC…

Swanson, M., Hash, J., & Bowen, P. (2006). Guide for developing security plans for federal information systems (NIST SP 800-18, Rev 1). Retrieved from http://csrc.nist.gov/publications/nistpubs/800-18-…