A security policy is a document that provides employees with clear instructions about acceptable use of company confidential information, explains how the company secures data resources and what it expects of the people who work with this information. Most importantly, the policy is designed with enough flexibility to be amended when necessary. You are working in organization X, and you are supposed to develop an issue-specific security policy, you can pick one issue from Table.1 [1] (In the photos)

Computer Networking: A Top-Down Approach (7th Edition)
7th Edition
ISBN:9780133594140
Author:James Kurose, Keith Ross
Publisher:James Kurose, Keith Ross
Chapter1: Computer Networks And The Internet
Section: Chapter Questions
Problem R1RQ: What is the difference between a host and an end system? List several different types of end...
icon
Related questions
Question

A security policy is a document that provides employees with clear instructions about acceptable use of company confidential information, explains how the company secures data resources and what it expects of the people who work with this information. Most importantly, the policy is designed with enough flexibility to be amended when necessary.

You are working in organization X, and you are supposed to develop an issue-specific security policy, you can pick one issue from Table.1 [1] (In the photos)

Your Task is:

  • To develop the different sections of your policy and adequate procedure(s), you can refer to SANS Policy Templates [2].

References:

[1] Developing an Information Security Policy: A Case Study Approach, Fayez Hussain Alqahtani. 4th Information Systems International Conference 2017, ISICO 2017, 6-8 November 2017, Bali, Indonesia.

[2] https://www.sans.org/information-security-policy/

Table 1. Information Security Focus Areas.
ISP focus areas
Password management
Email use
Internet use
Social networking site (SNS) usc
Mobile computing
Information handling
Sub-areas
Locking workstation
Password sharing
Choosing a good password
Forwarding emails
Opening attachments
IT department's level of responsibility
Installing unauthorised software
Accessing dubious websites
Inappropriate use of the Internet
Amount of work time spent on SNS
Consequences of SNS
Sending sensitive information via mobile networks
Checking work email via free networks
Disposing of sensitive documents
Inserting DVDs and USB devices
Leaving sensitive material unsecured
Transcribed Image Text:Table 1. Information Security Focus Areas. ISP focus areas Password management Email use Internet use Social networking site (SNS) usc Mobile computing Information handling Sub-areas Locking workstation Password sharing Choosing a good password Forwarding emails Opening attachments IT department's level of responsibility Installing unauthorised software Accessing dubious websites Inappropriate use of the Internet Amount of work time spent on SNS Consequences of SNS Sending sensitive information via mobile networks Checking work email via free networks Disposing of sensitive documents Inserting DVDs and USB devices Leaving sensitive material unsecured
Expert Solution
steps

Step by step

Solved in 2 steps

Blurred answer
Follow-up Questions
Read through expert solutions to related follow-up questions below.
Follow-up Question

A security policy is a document that provides employees with clear instructions about acceptable use of company confidential information, explains how the company secures data resources and what it expects of the people who work with this information. Most importantly, the policy is designed with enough flexibility to be amended when necessary.

You are working in organization X, and you are supposed to develop an issue-specific security policy

issue is MOBILE COMPUTING

 

To develop the different sections of your policy, you can refer to SANS Policy Templates

https://www.sans.org/information-security-policy/

Solution
Bartleby Expert
SEE SOLUTION
Similar questions
Recommended textbooks for you
Computer Networking: A Top-Down Approach (7th Edi…
Computer Networking: A Top-Down Approach (7th Edi…
Computer Engineering
ISBN:
9780133594140
Author:
James Kurose, Keith Ross
Publisher:
PEARSON
Computer Organization and Design MIPS Edition, Fi…
Computer Organization and Design MIPS Edition, Fi…
Computer Engineering
ISBN:
9780124077263
Author:
David A. Patterson, John L. Hennessy
Publisher:
Elsevier Science
Network+ Guide to Networks (MindTap Course List)
Network+ Guide to Networks (MindTap Course List)
Computer Engineering
ISBN:
9781337569330
Author:
Jill West, Tamara Dean, Jean Andrews
Publisher:
Cengage Learning
Concepts of Database Management
Concepts of Database Management
Computer Engineering
ISBN:
9781337093422
Author:
Joy L. Starks, Philip J. Pratt, Mary Z. Last
Publisher:
Cengage Learning
Prelude to Programming
Prelude to Programming
Computer Engineering
ISBN:
9780133750423
Author:
VENIT, Stewart
Publisher:
Pearson Education
Sc Business Data Communications and Networking, T…
Sc Business Data Communications and Networking, T…
Computer Engineering
ISBN:
9781119368830
Author:
FITZGERALD
Publisher:
WILEY