logo

Security Policy and Recommendations for Dealing with Cyber Crime

   

Added on  2023-01-05

7 Pages1182 Words64 Views
 | 
 | 
 | 
Computer Forensics 1
Computer Forensics
Your Name
School-Affiliated
Security Policy and Recommendations for Dealing with Cyber Crime_1

Computer Forensics 2
Question 5: Security policy
The building and management process of security program needs effort and continuous
responsibility for managing the risks that come with the technology deployed. The security
program that is mature will contain the following;
a) The acceptable use policy
The policy shows the requirements and the constraints that the staff using the IT assets of
the organization need to accept for them to use the organization network or the company internet
of the company. This is the policy that helps in guiding the new employee sin that they are often
given this policy to read and to sign before they are granted the network ID of the company.
b) The access control policy
The policy helps the organization employees in accessing the raw data or/ and the
organization’s information systems. There are common topics that would be considered in this
policy like the NIST’s access control standard that helps in the general control and
implementation of the guides. This policy will additionally help in guiding the way unattended
workstations must be made secure, the OS and networks access controls and the organization’s
passwords complexities.
c) The information security policy
This policy basically ensures that the company staff who have access to the IT assets
within the organization’s breadth or the organization networks complies with the guidelines and
the rules that have been stated. This policy is often read and signed, this will help the employees
Security Policy and Recommendations for Dealing with Cyber Crime_2

Computer Forensics 3
recognize the presence of the rules that must be held followed with much regards to the IT assets
and information sensitivity.
d) The change management policy
This is a policy that helps in the processes of making changes to the soft wares and the
services that are offered in the organization. The primary objective of this policy is to help in the
creation of awareness and the understanding of the changes that have been proposed in the
organization to help in ensuring that the conducted changes have been methodically done to
minimize any effects on the services of the organization and the customers.
e) The incidence response policy
This is a policy that helps the organization in managing the incidents and remediate the
effects of the operations. The primary objective of this policy is to help in describing the
handling processes of any incidents with regards to reducing the business activities damages, and
minimizing the overall resources needed for the recovery.
f) The remote access policy
This is a policy that deals with the outlining and defining the acceptable methods that are
needed for remote connections to the internal networks for the organization. This policy also
restricts rules for the BYOD assets within the company.it is a policy that is key in the extension
of the private secure networks of the organization to the insecure networks outside the company
premises and the unmanaged home networks.
Security Policy and Recommendations for Dealing with Cyber Crime_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Network Security Plan Template
|3
|451
|2880

ICTNWK411 Deploy Software to Networked Computers
|16
|2787
|300

Information Security Policy - Assignment
|6
|1126
|20

Network Security Plan for First National University
|51
|10015
|210

Digital Forensics and Incident Response
|4
|727
|19

National Institute of Standards and Technology (NIST) Cyber Security Framework and Terminologies
|11
|1515
|26