INF 325 Week 1: A Case Study
Security Policies: Importance, Development, Comparison, and Implementation
Heather Ebhardt
INF 325: Telecommunications & Networking Concepts
Instructor: Dr. Arman Kanooni
06/08/2015
Security Policies: Importance, Development, Comparison, and Implementation Internet and network security are a primary concern for many businesses. In today 's world, the number of hacks and leaks of data is continuing to rise, which is what makes security the primary concern. What may or may not be apparent is that many breaches of data tend to be caused by internal users ' errors that may not even have been meant to be malicious. Liaskos and Sandy quote a study by Roman which revealed
...about 50 per cent of company management were concerned about …show more content…
Behaviors such as transferring files from a work device to a home computer that is not protected or maintained to IT’s standards, using personal communications that are not as safe as corporate communications, talking about sensitive company matters where others can hear the conversation, and failing to use a laptop privacy guard when working remotely in a public place all invite information theft. Employees also fail to safeguard equipment such as laptop computers and portable storage devices, which can be lost or stolen (Cisco Systems, 2008, p 5).
Remote access to the company 's network or the use of wireless hotspots can cause an increase in the risk of data loss, so having a second set of policies in place for when it is part of an end users job is especially important. Employees working inside a facility can be more closely monitored than those working outside of it. Even if there are measures in place for audits of the devices granted to those who work remotely, things like transfer of data to another computer or theft are much harder to counter or …show more content…
G. (2002). Basics of an IT security policy. Informally published manuscript, SANS Institute, Available from Global Information Assurance Certification. (Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46). Retrieved from http://www.giac.org/paper/gsec/1863/basics-security-policy/103278
Business Research Guide. (N.D.). IT security plan. Retrieved from http://www.business researchguide.com/it-security/it-security-plan/
Cisco Systems. (2008). Data leakage worldwide: Common risks and mistakes employees make. Retrieved from http://www.cisco.com/c/en/us/solutions/collateral/enterprise- networks/data-loss-prevention/white_paper_c11-499060.pdf
Liaskos, J., & Sandy, G. A. (2004). An evaluation of Internet use policies of Victorian local government. Australian Journal Of Public Administration, 63(4), 90-100. doi:10.1111/j.1467-8500.2004.00405.x. Retrieved from EBSCOhost.
Olzak, T. & Bunter, B. (2010, May 07). Security basics - components of security policies. Bright Hub, Retrieved from http://www.brighthub.com/computing/smb-security/articles /2259.aspx
Scott, A. (2013, April). How to create a good information security policy. Computer Weekly, Retrieved from http://www.computerweekly.com/feature/How-to-create-a-good-
Heather Ebhardt
INF 325: Telecommunications & Networking Concepts
Instructor: Dr. Arman Kanooni
06/08/2015
Security Policies: Importance, Development, Comparison, and Implementation Internet and network security are a primary concern for many businesses. In today 's world, the number of hacks and leaks of data is continuing to rise, which is what makes security the primary concern. What may or may not be apparent is that many breaches of data tend to be caused by internal users ' errors that may not even have been meant to be malicious. Liaskos and Sandy quote a study by Roman which revealed
...about 50 per cent of company management were concerned about …show more content…
Behaviors such as transferring files from a work device to a home computer that is not protected or maintained to IT’s standards, using personal communications that are not as safe as corporate communications, talking about sensitive company matters where others can hear the conversation, and failing to use a laptop privacy guard when working remotely in a public place all invite information theft. Employees also fail to safeguard equipment such as laptop computers and portable storage devices, which can be lost or stolen (Cisco Systems, 2008, p 5).
Remote access to the company 's network or the use of wireless hotspots can cause an increase in the risk of data loss, so having a second set of policies in place for when it is part of an end users job is especially important. Employees working inside a facility can be more closely monitored than those working outside of it. Even if there are measures in place for audits of the devices granted to those who work remotely, things like transfer of data to another computer or theft are much harder to counter or …show more content…
G. (2002). Basics of an IT security policy. Informally published manuscript, SANS Institute, Available from Global Information Assurance Certification. (Key fingerprint = AF19 FA27 2F94 998D FDB5 DE3D F8B5 06E4 A169 4E46). Retrieved from http://www.giac.org/paper/gsec/1863/basics-security-policy/103278
Business Research Guide. (N.D.). IT security plan. Retrieved from http://www.business researchguide.com/it-security/it-security-plan/
Cisco Systems. (2008). Data leakage worldwide: Common risks and mistakes employees make. Retrieved from http://www.cisco.com/c/en/us/solutions/collateral/enterprise- networks/data-loss-prevention/white_paper_c11-499060.pdf
Liaskos, J., & Sandy, G. A. (2004). An evaluation of Internet use policies of Victorian local government. Australian Journal Of Public Administration, 63(4), 90-100. doi:10.1111/j.1467-8500.2004.00405.x. Retrieved from EBSCOhost.
Olzak, T. & Bunter, B. (2010, May 07). Security basics - components of security policies. Bright Hub, Retrieved from http://www.brighthub.com/computing/smb-security/articles /2259.aspx
Scott, A. (2013, April). How to create a good information security policy. Computer Weekly, Retrieved from http://www.computerweekly.com/feature/How-to-create-a-good-