1 CSI2102- Information Security Assignment 02 Information Classification Schema Semester 01, 2017 Details: Title: Information Security Assignment 2 Due Date: 09.00 AM (GMT+8) Monday 08th May 2017. Value: 30% of the final mark for the unit Length: Maximum of 3000 words (excluding cover page and references) Background: This assessment builds on the previous assessment – i.e. Assignment 01- 3D Media Comm. Ltd. The Western Australian based company “3D Media Comm. Ltd” is a social media marketing company, which targets small business. 3D Media Comm. Ltd has seen their business expand over the last five years in a marketplace that has been very competitive to date. One particular larger competitor is gaining some market share back which may threaten 3D Media Comm. Ltd sales. Also, the increased use of smartphones for social medial marketing using mobile apps, is gaining more popularity with small business. You are employed as the Information Security Manager. Task: 3D Media Comm. Ltd has just designed a revolutionary method to quickly increase the impact of social media marketing using both a mobile app and a desktop program which assist clients manage their own accounts. The company has not yet released the product nor made any public statements, but social media market, their clients and the larger competitors are all keen to find out the details of 3D Media Comm. Ltd’ product development. The Board of Directors of 3D Media Comm. Ltd are concerned about protecting the details of the product and their Intellectual Property. If a third party were to gain access to 3D Media Comm. Ltd’ product development it would be financially detrimental to the company and possible impact their market share. The new product will be released in 3 months. 2 The Board has assigned to you, as the Information Security Manager, the task of researching and reporting on the protection of the product development information now and in the future. In order to be able to able to explain the issues to the Board you must identify all information that is associated with the new product, its marketing, and the company clients. To explain the vulnerabilities and appropriate protection mechanisms, you must use (or develop) a suitable information classification scheme. Using this classification, you can then report on the vulnerabilities and countermeasures that should be in place, and develop an information security plan prior to the release of the new product. This is NOT a straight report of the security issues, it must be structured to explain the issues and solutions using the information classification schema you have chosen. Report Requirements: Must Contain Cover/Title Page This must contain the unit code and title, assignment title, your name and student number, and due date. Table of Contents This must accurately reflect the content of your report and must be generated automatically in Microsoft Word with page numbers. Executive Summary The executive summary should represent a snapshot of the entire report that the CEO will browse through and should contain the most vital information requested. Introduction Introduce the report, define its scope and state any assumptions. Use intext references where appropriate. Main report content The report must address the task as defined above. The report must contain your definition of the problem, your research, present a suitable information classification scheme, and how this is applied to the context. You will require in-text references to support your argument and information presented. References should predominantly come from books, journal articles, and conference papers as these have been peer reviewed prior to publication. References A list of end-text references formatted according to the ECU requirements using the APA format. It is recommended that Endnote is used to manage references. Your references should ideally comprise of books, journal articles and conference papers. Format This report should be no more than 3,000 words (excluding references and diagrams) and labelled as .docx and should be in a single file. Your assignments must be word-processed and the diagrams be developed using graphics software (most word-processors provide this facility). The text must be no smaller than 12pt and font Times New Roman 3 Late submission: Edith Cowan University penalties (ECU Admission, Enrolment and Academic Progress, Rule 39, subrule 5) for late submission may be applied. (5) Subject to subrule (6), an assignment submitted after the fixed or extended time for submission shall incur a penalty to be calculated as follows: (a) where the assignment is submitted not more than one week late, the penalty shall, for each working day that it is late, be 5% of the maximum assessment available for the assignment; or (b) where the assignment is submitted more than one week late, a mark of zero shall be awarded. Academic Misconduct (Including Plagiarism): Edith Cowan University regards academic misconduct of any form as unacceptable. Academic misconduct, which includes but is not limited to, plagiarism; unauthorised collaboration; cheating in examinations; theft of others students work; collusion; inadequate and incorrect referencing; will be dealt with in accordance with the ECU Rule 40 Academic Misconduct (including Plagiarism) Policy.