Preview

SAMPLE Security Policy

Powerful Essays
Open Document
Open Document
3395 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
SAMPLE Security Policy
Introduction: GDI background and given problem
Global Distribution, Inc. (GDI) is a distribution company that manages thousands of accounts across Canada, the United States, and Mexico. A public company traded on the NYSE, GDI specializes in supply chain management and in coordinating the warehousing, staging, distribution, transportation, and wholesaler/VAR relationship for their customers.
GDI employs over 3,200 employees and has been experiencing consistent growth keeping pace with S&P averages (approximately 8%) for nearly six years. A well-honed management strategy built on scaling operational performance through automation and technological innovation has propelled the company into the big leagues; GDI was only recently profiled in Fortune Magazine.
The GDI security policy displays the company stand on the value and importance of GDI information infrastructure, and states that internally and externally that infrastructure is an asset, the property of the GDI, and is to be protected from unauthorized access, modification, disclosure, and destruction. (SANS, 2007) GDI is committed to protecting employees, partners, vendors and the company from illegal or damaging actions by individuals, either knowingly or unknowingly. When GDI addresses issues proactively and uses correct judgment, it will help set us apart from competitors and show our commitment to ethical practices. GDI will not tolerate any wrongdoing or impropriety at any time. GDI will take the appropriate measures act quickly in correcting the issue if the ethical code is broken. Any infractions of this code of ethics will not be tolerated. (Ethics Policy, 2008)
It will be prudent to take time to thoroughly review these proposed security policies that will explain exactly what being articulated in the previous paragraphs. I assure you, that with the outlined proposed security policies, our infrastructure will continue to function as a “guidance so that the organization can continue” to GDI’s



References: Hausman, K., Weiss, M., & Barrett, D. (2011). Comptia security sy0-301. (3rd ed.). Pearson Education, Inc. SANS Institute (2006). Email Use Policy Retrieved from http://www.sans.org/security-resources/policies/Email_Policy.pdf SANS Institute. (2007). Information security policy-A development guide for large and small companies. Retrieved from https://www.sans.org/reading-room/whitepapers/policyissues/information-security-policy-development-guide-large-small-companies-1331 SANS Institute. (2006). InfoSec Acceptable Use Policy. Retrieved from http://www.sans.org/security-resources/policies/Acceptable_Use_Policy.pdf SANS Institute. (n.d) Password Policy. Retrieved from http://www.sans.org/security-resources/policies/Password_Policy.pdf SANS Institute. (n.d) SANS Security Policy Project. Information Security Policy Templates. Retrieved from http://www.sans.org/security-resources/policies/ SANS Institute. (n.d.) Wireless Communication Policy. Retrieved from http://www.sans.org/security-resources/policies/Wireless_Communication_Policy.pdf SANS Institute. (2008) Workstation Security Policy. Retrieved from http://www.sans.org/security-resources/policies/computer.php Texas Christian University. (2013) Remote Access Policy. Retrieved from https://security.tcu.edu/RemoteAccessPolicy.htm

You May Also Find These Documents Helpful

  • Better Essays

    Whitman, M., & Mattord, H. (2004). Information Security Policy. In Management of information security(Fourth ed., p. 154). Boston, Mass.: Thomson Course…

    • 2101 Words
    • 8 Pages
    Better Essays
  • Satisfactory Essays

    When specifying security policies for an enterprise, setting security on an individual-by-individual basis provides the tightest and most personalized security. The tradeoff, however, is the increased amount of administration effort in setting up the security and maintaining it on an ongoing basis. You have been brought in as a consultant from Smith Systems Consulting to advise Riordan Manufacturing on what it will take to establish adequate enterprise security policies. You will need to prepare a 3-5 page paper that highlights why they should establish separation of duties via role assignment and how this will provide safeguards to protecting the data in their information systems.…

    • 354 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    This report gives a brief description the general security solutions planned for the safety of data and information that belongs to the organization. The outline will provide elements of a multi-layered security plan, and will indicate a general security solution for each of the seven domains of a typical IT infrastructure. Also I will describe a layer of security for each of the seven domains.…

    • 801 Words
    • 4 Pages
    Good Essays
  • Good Essays

    Sunica Music

    • 697 Words
    • 3 Pages

    As relates to your selected scenario, give a brief 100- to 200-word overview of the company.…

    • 697 Words
    • 3 Pages
    Good Essays
  • Good Essays

    Unit 9 Assignment 1

    • 582 Words
    • 2 Pages

    - Ensure compliance requirements of this policy concerning data at rest and role-holders access to managed networks, systems and servers…

    • 582 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    INF 325 Week 1: A Case Study

    • 2472 Words
    • 10 Pages

    Olzak, T. & Bunter, B. (2010, May 07). Security basics - components of security policies. Bright…

    • 2472 Words
    • 10 Pages
    Powerful Essays
  • Better Essays

    Cmgt400 Week3

    • 1493 Words
    • 6 Pages

    References: 1. (2010). Principles of Computer Security: CompTIA Security+ and Beyond (2nd ed.). : McGraw-Hill.…

    • 1493 Words
    • 6 Pages
    Better Essays
  • Powerful Essays

    It 244 Final

    • 2332 Words
    • 10 Pages

    Customers trust this organization with highly private personal and financial information. That makes it our responsibly to handle that information with the utmost respect and care. Through the controls and procedures outlined in this policy we can achieve those goals.…

    • 2332 Words
    • 10 Pages
    Powerful Essays
  • Satisfactory Essays

    Note. The Week Two assignment has been identified as a tool to assist in the university’s Programmatic Assessment Project. As such, completed student assignments may be periodically sampled for program analysis purposes. To assist in maintaining the integrity of the data collected, do not change the content of this assignment. Please delete this note before submitting to students.…

    • 627 Words
    • 4 Pages
    Satisfactory Essays
  • Good Essays

    Project for IS3350

    • 588 Words
    • 3 Pages

    You will gain an understanding of the aspects involved in the conception, enforcement, and implementation of security policies. You will also gain insight to risk analysis and will learn how to respond to any given situation that might arise from a violation of those security policies.…

    • 588 Words
    • 3 Pages
    Good Essays
  • Good Essays

    For the recommendations on the tiered architecture I suggest three-tier architecture. This architecture is the most common. It consists of three tiers; a presentation tier, a logic tier, and a data tier…

    • 429 Words
    • 2 Pages
    Good Essays
  • Satisfactory Essays

    NT2580

    • 1232 Words
    • 14 Pages

    ISS Information Systems Information NT2580 Introduction to Information Security © ITT Educational Services, Inc. All rights reserved. Page 5…

    • 1232 Words
    • 14 Pages
    Satisfactory Essays
  • Good Essays

    Often Information Technology Directors overlook that information security is more of a people issue rather than a technology issue. We rely heavily on people’s awareness, ethics and behavior, and an understanding of what they want to achieve is essential to accomplish the goals of business. This includes the employees that deliver services and the customers that take advantage of them, as well as the senior executives that outline the budgets.…

    • 801 Words
    • 4 Pages
    Good Essays
  • Satisfactory Essays

    Testing and monitoring security controls can come in different factors. Monitoring security is by far important because you need to know what’s going on before you can announce it. Networking abuse is by far the biggest baseline anomaly. For employees who have access to the internet, the network can be used to stream media, to access social websites and to download unauthorized software or free software which has vulnerabilities a long with that.…

    • 564 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    You Decide Assignment

    • 755 Words
    • 4 Pages

    As a company grows , changes and new policies are created to fit the fast pace industry that we live in today. And as a part of your IT staff, I 've collected some information that can help the company, with implementing a new policy when it comes with computer use. From legal reasons, virus attacks, to our network systems and services, we all need to be aware and cautious about this as a whole. The material I 'll be covering today will include all of the issues brought up by our CEO, CFO, and General Manager. In addition, an explanation on general use ownership, security and proprietary information, and unacceptable use, will be discussed.…

    • 755 Words
    • 4 Pages
    Good Essays