University of Phoenix OnlineJune 15, 2009McBride Financial Services Security PolicyEstablishing a security policy is the starting point in designing a secure computer network. It is essential that a set of minimum security requirements be gathered, formalized, and included as the basis of McBride Financial Services security policy. Security policy addresses constraints on functions and flow among them, constraints on access by external systems and adversaries including programs and access to data by people ("Security policy", 2009). This security policy will be enforced by McBride Financial Services and will create an additional cost to running and monitoring the company's network. The additional cost and benefit of the company's security policy will be understood and embraced by the company's management in order to enhance and maintain company's network and system security.
McBride Financial Services is a start up regional mortgage lender that provides customers will low cost mortgage services with the state of an art technology in five states area of Idaho, North Dakota, South Dakota, Montana, and Wyoming (Apollo Group Inc, 2003).
The company specialized in conventional, FHA, and VA loans for home purchasing and refinancing (Apollo Group Inc, 2003). The company believes in the importance of protecting the customer's sensitive information and assures that the entire customer's personal information will be kept confidential.
One of the best ways to determine the level of security in the company that must be implemented is to perform a threat analysis and risk analysis. The first step in performing a threat analysis and risk analysis is to identify all the threats to the company's computer system and network. The next step is to perform risk assessment. The risk can directly translate to the loss of revenue due to the company's computer system and network downtime, data loss, unavailability, and negative impact on...