In your role as information security professional serving the CIO, you have been asked to create a 6–8 page e-mail security plan that will become part of the corporate knowledge base.
Use the organization and characteristics described in the Case Study: Global Widgets Inc. document found in the Required Resources as the context in which to create your plan.
Include the following in your professionally-formatted plan:
- Diagram and describe the basic components of the secure e-mail system.
- Discuss how a move to the cloud will affect your e-mail security plan.
- Describe threats and vulnerabilities that are specific the organization’s secure e-mail management system.
- Explain the role that anti-malware software will play in securing e-mail. What software would you use? Why?
- Describe the technical controls that you will employ to enforce e-mail security policy.
- Describe personnel controls that are available to enforce e-mail security policy.