Employee Security Policy Paper
QWD’s security policy does not address the topic of employee’s using company equipment such as the IPhone’s, Windows cell phones, and laptops for personal use. This should be addressed in an Acceptable Use Policy. By the company not making it a policy that all company equipment is for company use only, it leaves the company vulnerable for open attacks. It is not unfeasible to think that employees do use company provided equipment for personal use. Employees use the devices to send and receive personal emails through non-related company sites such as Yahoo, Hotmail, and Gmail. They use the company devices to surf the web, shop for items, play games, download applications, get on social networks such as MySpace, Facebook and Twitter, watch videos,
…show more content…
The threat that can arise are if an employee downloads a virus, malware, or Trojan to their mobile phone, laptop, and even desktop. This is especially so for the remote devices because when these are connected to the Exchange server, it can infect the corporate network. If an employee is using their desktop to surf the Internet for personal usage and they open an email sent by a friend that has a virus attached, it can infect the network. Another example is if an employee registers for something personal online, such as a sweepstakes, this …show more content…
If anything the employee has downloaded and allowed to infect the company network, it is safe to say that number goes up. If infections are passed onto the network, it could halt business processes. In order to fix the problem, it would cause the company time and money. The company also has to try and assess how much and what type of damage was caused by the attack. It could also keep employees from accessing necessary applications, emails, and working on time sensitive projects.
If the employee has downloaded a virus through their personal email that is meant to search for email addresses and send out viruses, it could hurt the company. In the article by George Fowler, it states that if attackers are able to obtain customer’s information, they can send spear-phishing emails. (Fowler, 2011) Then the customer would open it because they believe it is coming from QWD. This would compromise the trust of the customer with the company and could affect
The threat that can arise are if an employee downloads a virus, malware, or Trojan to their mobile phone, laptop, and even desktop. This is especially so for the remote devices because when these are connected to the Exchange server, it can infect the corporate network. If an employee is using their desktop to surf the Internet for personal usage and they open an email sent by a friend that has a virus attached, it can infect the network. Another example is if an employee registers for something personal online, such as a sweepstakes, this …show more content…
If anything the employee has downloaded and allowed to infect the company network, it is safe to say that number goes up. If infections are passed onto the network, it could halt business processes. In order to fix the problem, it would cause the company time and money. The company also has to try and assess how much and what type of damage was caused by the attack. It could also keep employees from accessing necessary applications, emails, and working on time sensitive projects.
If the employee has downloaded a virus through their personal email that is meant to search for email addresses and send out viruses, it could hurt the company. In the article by George Fowler, it states that if attackers are able to obtain customer’s information, they can send spear-phishing emails. (Fowler, 2011) Then the customer would open it because they believe it is coming from QWD. This would compromise the trust of the customer with the company and could affect