write an authentication policy for a hypothetical organization. This policy should address the use of various authentication schemes for different assets. The policy can select from an array of authentication technology including: passwords, passphrases, image selection, pattern matching and other multi-factor authentication technology depending on the asset being protected. This is an authentication policy which is a subset of a full security policy. writing a complete security policy is too large a project. Therefore we are focusing on a subset of functionality which is authentication. This assignment is to write an authentication policy for the assets defined in the problem. With that said there are numerous issues, process and procedures that touch on the topics of authentication related to the assets in this problem. The requirements for this policy are below. When writing a policy you should consider providing an overview and a scope statement. There may be other sections you consider important. This is an authentication policy which is a subset of a full security policy. The intent of this exercise is to provide you practice in writing a policy that conforms to various requirements. For some functional areas you need to implement a password policy. You need to describe who the policy applies to and what assets are covered by the policy. For some functional areas you need to implement a password policy. You need to clearly define the policy for how passwords are selected by users. You need to define how passwords are used. You need to clearly describe how each authentication procedure is to be used by the user. When you document a policy for a particular functional area or asset you should explain and justify your choice of functionality. For some functional areas you should implement various multi-factor authentication schemes. You need to clearly define the policy for the schemes you select and describe how the procedures are used. Your policy must address the authentication for the following assets:

Authentication for desktop workstations Authentication for laptops that connect wirelessly.

Authentication for laptops.

Authentication for laptops that go off site and contain critical client and company information. Also consider the authentication needed for these laptops that connect into the organizations network.

Authentication for handheld devices (e.g. Android, Iphone) that go off site and contain critical client and company information. Also consider the authentication needed for these handheld devices that connect into the organizations network.

Authentication for administrator accounts on servers

Authentication to physically access computer lab rooms that store critical client and company information on servers

Authentication to physically access rooms that store employee salary and performance review information