Case Study for Understanding the 30,000 Foot View Before Diving In

Information security personnel have a challenging road to travel. InfoSec folks need to be conversant with a variety of systems, such as: routers, networks, servers, PCs, and applications. We also must be skilled with a myriad of tools, know where to find them, how to use them, how to remediate weaknesses, and still get everything to work. This challenge is formidable, but these items are all technical, which generally may be learned a number of ways, such as through SANS training. This case study addresses the front-end soft topics of information security, which may not be so easily learned. The analysis of the business, the security problems encountered, how they affect the business, and their resolution will be covered. To retain some brevity for this paper, the typical technical procedures will be bypassed, as there are many other good sources for these topics. The goal of this paper will be to provide some insight to help the reader become a bit more business-savvy, where gearing solutions to the needs of the organization will help raise acceptance rates.