Question

In: Computer Science

Every day there are stories in the media related to security breaches, etc., in organisations and...

Every day there are stories in the media related to security breaches, etc., in
organisations and their ramifications. The Security consultancy you work for has asked
you, in your capacity as an IT Security Specialist, to design a Security Policy for the
organisation

Solutions

Expert Solution

For the given scenario to design a security policy as an IT security specialist for the organisation, let's get abrief idea of what a security policy is.Let's get started

Security Policy: In bussiness and organisations a security policy is aset of rules and procedure as an written documents that outlines for all individuals that how to protect the company's physical and information technology (IT) assets. A security policy is a "living document" which means it is continuously updated as technology and employee requirements change So this document is often considered as never finished document. It also needs to outline damages to those items.

The objectives of security policy is the preservation of privacy, ethics, and accessibility of systems and information used by an organization employees.

Confidentiality involves the protection of assets from unauthorized entities
Integrity assure the improvement of assets is handled in a specified manner
Availability is a state of the system in which authorized users have continuous access to the assets
How to Develop Policy:

Security policy must be based on the results of a risk assessment.Institutions such as the International Organization of Standardization (ISO) and the U.S. National Institute of Standards and Technology (NIST) have published standards and best practices for security policy formation also finding these risk assessment clears the picture to policy makers of security needs of the Organisation.The steps to build a successful security policy includes:

  • Identifying risks
  • Learning from others
  • Making sure the policy conforms to legal requirements
  • Including staff in policy development
  • Training the employees
  • Seting clear penalties and enforcing them
  • Installing the tools that we need
  • Defining institutional security goals and objectives
  • Setting a course for accomplishing those goals and objectives


The most important security polices:

  • Remote access
  • Password creation
  • Password management
  • Banning portable media
  • Acceptable use

<<<<As a security policy is a huge doument In the given time i can only provide this much information.Please do upvote.It motivates us to do better.For any doubt or query reach us in comments.Be safe>>>>>


Related Solutions

Threats are made against the nation and pose a security risk, every day, but the public...
Threats are made against the nation and pose a security risk, every day, but the public is not always aware of these threats. For this week’s discussion question respond to the following prompts: Examine whether it is ethical or not for the government to hold such information from private citizens or if citizens should know about any cyber-attacks against the nation. Identify any legal ramifications that could arise if citizens were aware of all cyber-attacks made against the nation.
Find two cases in the media (internet, TV, etc.) of a person (organization, etc.) attempting to...
Find two cases in the media (internet, TV, etc.) of a person (organization, etc.) attempting to describe an example of the process of Darwinian evolution but is incorrectly describing the evolution process using a Lamarckian approach to evolution. Give the following information for both cases: Source (where you found it) In what ways are they mistakenly claiming that the evolutionary process is an example of Darwinian evolution? How do you know that they are really describing evolution through a Lamarckian...
List & give an example of ‘real world’ security breaches that actually happened and still happening...
List & give an example of ‘real world’ security breaches that actually happened and still happening as they relate to each of the six dimensions of e-commerce security- (one for each dimension) table 5.3 Integrity Nonrepudiation Authenticity Confidentiality Privacy Availability
Your readings for this week have discussed databases, data breaches, and networking security in the business...
Your readings for this week have discussed databases, data breaches, and networking security in the business world. Find a major data breach within the last 2 years and do some research explain how and why the breach occurred, what information was accessed, and how this information could be misused. Has the incident been fully resolved or are there ongoing security issues with the company or customer information? Remember to include references to your readings and an article from the web...
Do you believe they have changed policies without the presence of damaging stories in the media?...
Do you believe they have changed policies without the presence of damaging stories in the media? If not, what does it say about their old managing style?
Students will assess actual security breaches and think critically about the cause, impact, continuity, and prevention...
Students will assess actual security breaches and think critically about the cause, impact, continuity, and prevention of these malicious attacks. In Target's 2013 holiday data breach and cyber-attack, data belonging to millions of customers was disclosed. The hackers in the Target attack used legitimate credentials to initially enter the system. In 500 or more words, address social engineering and the most likely way the attackers used valid credentials to achieve their hack.
Look at the company's web page and news stories (Wall Street Journal, Fortune, Forbes, BusinessWeek, etc.)...
Look at the company's web page and news stories (Wall Street Journal, Fortune, Forbes, BusinessWeek, etc.) to describe one of the following companies' corporate strategy AND what changes they've made at least in the last 3 years to their corporate portfolio. (Correctly) use as many appropriate corporate strategy concepts as you can. Do you think their corporate strategy has been a success? Why or why not? (remember to support your opinion with data or text material). Here are the companies:...
There is an abundant supply of media stories on global warming, carbon taxes, cap-and-trade, traffic congestion,...
There is an abundant supply of media stories on global warming, carbon taxes, cap-and-trade, traffic congestion, the declining east-coast fishery, and other externality-related topics. Two fundamental issues underlie all of the stories. One is the lack of property rights. The other is the opportunity cost of tackling problems of negative externalities. In this learning activity, it is appropriate to return to, and reinforce, the single-most-important-concept-in-all-of-economics - opportunity cost. Opportunity cost is at the heart of a scenario mentioned at the...
In social media, or the news, or internet in general, or your day to day life...
In social media, or the news, or internet in general, or your day to day life how did cancer cell, nutrition in animals, circulation, and exchange, animal form and function helped you to verify, question, support or apply the information of the importance or the effects found in your our daily life? Give me 3 complete examples (3 paragraphs). what has social media or the news shown about them?
Social Media Addiction. Researchers are concerned about the impact of Social Media (Facebook, Twitter, Instagram, etc.)...
Social Media Addiction. Researchers are concerned about the impact of Social Media (Facebook, Twitter, Instagram, etc.) on student’s focus. In particular, they believe that too much time spent on social media can negatively impact a student’s academic performance. The problem has gotten worse with the recent widespread use of smartphones. The first objective of the researchers is to find out, on average, how many hours per day on weekdays college students in the US spend on social media while using...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT