Information Security Awareness Policy

Verified

Added on 2023/06/03

AI Summary

This article discusses the importance of information security awareness policies and how they can help prevent security breaches. It includes analysis of articles from experts in the field, who offer effective methods for raising awareness and mitigating risks. The articles cover topics such as encryption, access control, training sessions, and security culture.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Information Security Awareness Policy

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

💎 Get Pro

1 | P a g e
Table of Contents
Introduction...........................................................................................................................................1
Information Security Awareness Policy................................................................................................1
Conclusion.............................................................................................................................................2

2 | P a g e
Introduction
Information security is a practise that is used to prevent unauthorised user to access
the data. It make sure that confidentiality, integrity and availability of data. The information
security can be achieved by using antivirus software, firewall, encryption software and
training standards. In this few articles related to information security awareness that says that
various laws and regulations are used so that they can access the data, process and store in a
way that they are secure. All the information awareness policy that is used makes sure that
confidentiality, integrity and availability is met. Information security awareness policy is
used so that employees become aware about the security threats. Information security
awareness policies are used so that risk management could be handled. Information security
states that data should be encrypted so that even in case of leakage data is not leaked. It is
also suggested that data signatures should be used so that authentication is met.
Information Security Awareness Policy
1. Lubis, A. and Lubis, M. (2017). Information Security Awareness at the Knowledge-
Based Institution: Its Antecedents and Measures. Available from
https://www.sciencedirect.com/science/article/pii/S1877050915036121 Accessed on 14
oct 21018
The article that is referred is “Information Security Awareness at the Knowledge-Based
Institution”, written by Abdul Rahman Ahlan and Muharman Lubis. In this article author
stated that that security awareness policies are needed in every organisation so that negative
effects could be encountered. Various security solutions are suggested like use of strong
passwords to access the computer. In the article it was suggested that software should be kept
up to date so that viruses are not penetrated into the system. It is also mentioned in the article
that file sharing should be avoided as it adds risk to the computer system. The sensitive
information should be encrypted so that even if the files are leaked the information is not
accessed by anyone. Information security awareness policy states that proper access control
list should be defined so that only valid and authenticated uses are able to access the
information. In this article findings are useful as they encourage stakeholders and employees
to understand information security policy behaviour. Information security threats are
increasing due to which security breaches are increasing. Thus, information security
procedures are listed so that data could be protected from all the malicious attacks.
2. Northern university, A. (2017). INFORMATION SECURITY AWARENESS
TRAINING. Available from
https://nau.edu/university-policy-library/wp-content/uploads/sites/26/Information-
Security-Awareness-Training.pdf Accessed on 14 oct 21018.
The second article that is analysed is “Information security awareness” written by northern
Arizona University. In this article author stated that awareness should be spread by training
session so all the employees become aware about the malwares that are present. It is
important to do as it was recently seen that employees are not aware about the malwares. The

3 | P a g e
reason of this policy is to make sure that all the authorised users have the understanding about
the security threats and risks. It is recommended by the author that this policy must be used to
secure the information. If comparing the suggestion with the author of the above article. It is
found in this article author states that users should become aware first and in the above article
some of the ways are offered through which data could be secured. The policy in the article
states that information security training should be developed so that current threats and
emerging threats could be resolved. Author states that prevention should be taken regarding
all the malicious activities so that information remains protected.
3. Mackay, M. and Balikhina, T. (2017). AN EFFECTIVE METHOD FOR
INFORMATION SECURITY AWARENESS RAISING INITIATIVES. Available from
http://airccse.org/journal/jcsit/5213ijcsit06.pdf Accessed on 14 oct 21018.
The third article that is analysed is “An effective method for information security awareness
raising initiatives” written by AliMaqousi1, TatianaBalikhina and Michael Mackay. In this
article author proposed various ways through which information security awareness could be
introduced. Apart from that they offered the threats that exist in the system so that users can
become aware about the IT threats. Then they are trained so that they can use the knowledge
to mitigate from the threats. The information security awareness program was developed by
the author that covers various steps; the first stage is analysis stage that identifies the security
concerns and the second stage is implementation stage that spreads the awareness and then
future designs maintain plan. In this paper, security awareness programs that are needed by
an organisation are discussed. The security culture can be created by increasing the user
awareness by making use of strong password. The author suggested that a security awareness
team should be kept that keep employees updated about all the security threats and
vulnerabilities. This paper addresses the need of security awareness in an organisation. It
makes sure that user become aware about the security concerns so that they can maintain
privacy of information.
4. Peltier, T. R. (2016). Information Security Policies, Procedures, and Standards:
guidelines for effective information security management. Auerbach Publications.
It is clearly said that security polices and procedure are important and every employee should
receive security awareness training so that attacks could be mitigated. It suggested that every
business should offer security awareness training in an organisation. It is important to educate
the staff so that they can handle the entire situation and sensitive information could be
protected. The security awareness program covers the best way through which information
breaches could be avoided, the author suggested that information and sensitive data should be
backed up so that it case of failure data could be recovered easily. Business continuity
management plan is defined so that even in case of failure information could be recovered.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

💎 Try AI Paraphraser

4 | P a g e
Conclusion
It can be concluded from the first article that data should be encrypted so that it can be
accessed only by valid user and others are not able to access the information. It makes sure
that security breaches are reduced. The other article recommended that training sessions
should be there in an organisation so that staffs become aware about the threats and risk.
Apart from that, in eth other article author suggested that access control list should be
maintained so that only valid users are able to access the information.

1 out of 5

+13062052269

info@desklib.com

Information Security Awareness Policy

Contribute Materials

Secure Best Marks with AI Grader

Paraphrase This Document

Related Documents

Risk Management

Importance of Database Security in Maintaining Confidentiality, Integrity and Availability of Information

Malicious Software Protection Policy: Articles Review

Analysis of It Security And Management

IT Security: Protective Measures, Information Security Policy, Protecting Information in Computer System, Business Use 2-key Triple DES

Uses Of Cryptography Techniques