Question

In: Computer Science

Write a physical security policy for any organization.

Write a physical security policy for any organization.

Solutions

Expert Solution

1)

Overview

The organization Physical Security Policy is implemented in order to ensure the safety of the organizational computer systems as well as physical resources on company premises.

Purpose

The Physical Security Policy is intended to ensure that physical computer resources and information resources are properly protected physically.

Scope

The Physical Security Policy applies to all company computer systems and information, including printed copies of information which may be sensitive.

Physical Requirements

Appropriate measures in regard to access control, environment, and protection must be in place to properly protect physical computer systems and information resources from physical harm or unauthorized access and disclosure. These resources include informational assets that are not computer related. All employees, vendors, contractors and partners are responsible for ensuring that information resources and computer systems have proper and adequate physical security.

Access to the office must be logged either electronically or on log sheets. The person getting access must be required to log in and the log in requirement must not be voluntary. Places where authentication devices or data storage facilities exist must require access logs records to be maintained.

  • Removal or addition of computer equipment belonging to the company must be logged and accounted for within the office.
  • All those who have access to where organizational computer systems are must pass a security background check or be escorted by a staff member who has passed a security background check.
  • Computer equipment that allows access to systems without password controls such as account login must be protected in rooms with proper physical access controls. These controls must include mandatory logging of access and proper construction of the room to prevent unauthorized break-in.
  • Office premises must be secured in the absence of an authorized employee, with all physical locks on entryway doors engaged.

Policy Compliance

Employees must adhere to the outlined protocol above and following, with special considerations for personal policies.

  • Be alert and aware of suspicious characters in or near office premises. Report suspicious characters or activities as is appropriate and safe.
  • Keep computer equipment in your possession secure at all times whether on organizational premises or away from the company premises.
  • Report loss or theft of any sensitive documents, memory storage devices, or computer equipment to management and document it with appropriate forms.
  • Be sure information assets being disposed of are disposed of properly in accordance with the Data Destruction Policy, if applicable.

Enforcement

Since proper physical security is critical for protecting the security of the company, employees that purposely violate this policy may be subject to disciplinary action up to and including denial of access, legal penalties, and/or termination.


Related Solutions

Create a guideline document which should address the Physical Security requirements of the IT Infrastructure and IT Assets for the organization.
1) Create a guideline document which should address the Physical Security requirements of the IT Infrastructure and IT Assets for the organization. 2) Address the data security requirements for your branch offices in other cities.
As a Public Health professional what policy, you will make for organization to promote physical activity...
As a Public Health professional what policy, you will make for organization to promote physical activity among working people to reduce their sedentary lifestyle
Challenges in Implementing Physical Security. In your opinion what are the challenges in implementing physical security,...
Challenges in Implementing Physical Security. In your opinion what are the challenges in implementing physical security, this includes social engineering.
Using the framework presented in this chapter, draft a sample issue-specific security policy for an organization.
Using the framework presented in this chapter, draft a sample issue-specific security policy for an organization. At the beginning of your document, describe the organization for which you are creating the policy and then complete the policy using the framework.
Cyber security write a small antivirus policy for the IT infrastructure and users in a small...
Cyber security write a small antivirus policy for the IT infrastructure and users in a small business an elementary school You may research anti-virus policies of organizations on the web, please use and cite responsibly.
1. Is it a security policy? 2. What type of security policy is described?
1. Is it a security policy? The textbook defines a security policy as, "... an overall general statement produced by senior management (or a selected policy board or committee) that dictates what role security plays within the organization". Is your selected document a security policy per this definition? If not then describe its purpose. Note that some items on this list may not really be security policies per this definition.2. What type of security policy is described? Assuming the document is...
what some examples of disciplinary actions your organization/department or IT security would take if any HIPAA...
what some examples of disciplinary actions your organization/department or IT security would take if any HIPAA rules had been violated or breached.
Prompt: You will submit your creation of a cyber-security policy. The cyber-security policy will assess how...
Prompt: You will submit your creation of a cyber-security policy. The cyber-security policy will assess how the organization will interpret security issues that occur in the workplace. The cyber-security policy will also distinguish and examine ethical issues in the workplace that pertain to social media, email, and privacy. Compose an organizational security policy that protects the confidentiality , integrity , and availability of EQUIFAX DATA BREACH IN 2017 Original Question : Prompt: You will submit your creation of a cyber-security...
Write and explain accounting policies used in preparation of financial statement for any Ghanaian organization
Write and explain accounting policies used in preparation of financial statement for any Ghanaian organization
Write any 6 or 7 resources wirtten in APA citation related to networking, communication,and security.
Write any 6 or 7 resources wirtten in APA citation related to networking, communication,and security.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT