4/24/13
Information Systems Security
Unit 4 assignment 1- Enhance an Existing IT Security Policy Framework
1.0 Purpose
The purpose of this policy is to define standards for connecting to Richman Investment's network from any host. These standards are designed to minimize the potential exposure to Richman Investment from damages which may result from unauthorized use of Richman Investment resources. Damages include the loss of sensitive or company confidential data, intellectual property, damage to public image, damage to critical Richman Investment internal systems, etc.
2.0 Scope
This policy applies to all Richman Investment employees, contractors, vendors and agents with a Richman Investment -owned or personally-owned computer or workstation used to connect to the Richman Investment network. This policy applies to remote access connections used to do work on behalf of Richman Investment including reading or sending email and viewing intranet web resources. Remote access implementations that are covered by this policy include, but are not limited to, dial-in modems, frame relay, ISDN, DSL, VPN, SSH, and cable modems, etc.
3.0 Policy 1. It is the responsibility of Richman Investment employees, contractors, vendors and agents with remote access privileges to Richman Investment’s corporate network to ensure that their remote access connection is given the same consideration as the user's on-site connection to Richman Investment.
2. General access to the Internet for recreational use by immediate household members through the Richman Investment Network on personal computers is permitted for employees that have flat-rate services. The Richman Investment employee is responsible to ensure the family member does not violate any Richman Investment policies, does not perform illegal activities, and does not use the access for outside business interests. The Richman Investment employee bears responsibility for the consequences should the access is