Domains of IT Responsibility

Domains of IT Responsibility

Working at a financial institution I feel that User Domain is very important. This domain of IT responsibility encompasses policies related to E-mail, Privacy, and System Access. From a security standpoint these policies are necessary to have a secure infrastructure in any type of application. We use a program called IronPort to regulate what is sent out from a user. IronPort stops any email from being released if it has a member account number, Social Security Number, or Driver’s License Number. If it contains any of these numbers it must be encrypted before being sent. System access is a no brainer because you do not want to grant access to certain files or account that is not necessary for that particular user to have. Finally, privacy is important because it is detrimental to an organization’s reputation to ensure customers and employee’s information is protected.

Business challenges associated with User Domain, to me, would be cost and education. Having software and personnel to facilitate the security needs can become very costly depending on how secure you would like it to be. Educating employees and customers is very time consuming but necessary for when the unexpected occurs, the employee can react appropriately.


LAN/WAN security: resources shared on a network should be protected by allowing access only with a valid user name and password combination, secure peer to peer file sharing, Patch/update client software and servers.

Enforcing proper passwords criteria, company laptops may need Additional disk space, speed and memory limitations often make keeping laptops up to date with security patches difficult. Added security of a hardware or software firewalls.


A LAN connects two or more computers within a small area. If you have a home cable modem connected to wireless router then you would need a username and password but you do not utilize this when hard wired. When speaking of a WAN, it rather covers a wide geographical area like the internet or World Wide Web. It could also be private like a business or an organization like the one I work at. Our WAN network is private and connects all workstations and the branches to our network. With our setup you need a username and password to access the network through the Active Directory on a Domain Controller.

At my place of work we run security patches and windows updates regularly. We have a daily task list to check for security updates and then push them company-wide the same evening. Windows updates usually come out on the second Tuesday of the month. We send these updates to a test group before releasing them company-wide a week later. Company laptops are connected through VPN when offsite so the need for extra hard drive space, speed, and memory is irrelevant because they are required to work within our network.