Answer
Running Head: IT Policy 2
IT Policy 2
IT Security Policy
Student’s Name
Professor’s name
Date
According to Easttom (2019), in developing an IT security policy, numerous steps need to be followed. These steps include;
Step one
Developing Scope and accessibility helps the school management to deal with all student' data, networks, and system accessibility in terms of confidentiality, availability of the information and integrity
Step two
Developing data classification that helps in the categorization of all the information, either confidential or public. According to Sapolsky, Gholz & Talmadge (2017), this is a prime step in developing a cyber-security management program for the students as it allows the institution to come up with decisions about resource allocation while securing data from unauthorized access.
Step Three
Developing mechanisms to manage data, through making regular backups of files, protecting the stored information from viruses by installing software for anti-virus and evading accidental omission of students' information
Step Four
Developing context management that addresses all the context in place. These can be printed files, electronically stored, and spoken conversations. The importance of context in vulnerability management of students' information is, therefore, imperative.
Step Five
Developing supporting data that helps in tracking all the information about the students. It allows the institution to tell the present status of the student, whether in session or expelled. It also offers clear guidelines and responsibilities the students should follow when caught up in these situations.
Step Six
Developing specific data that allows the students to access their information wherever they are through the incorporation of secure technology feature
Step Seven
Acknowledgment of consequences that include all the aftermaths of offering data to the dropout students
Step Eight
Developing an acceptable use of student policy, that allows the management to come up with decisions on how to handle a particular case as per the students’ data which are uploaded and updated frequently
Step Nine
Developing an auto-generated email policy, that allows the management to send emails to the students to enable them to access any feedbacks and updates.
Step Ten
Developing a Mobile device policy for growth, flexibility and remote access to students’ data through the generation of OTP when they are logging in
Step Eleven
Developing a network security policy to protect the integrity of the information through the application of some security procedures, firewall and logins authentication, auto-generated OTP with a secure connection when student logs in remotely
Step Twelve
Developing a password policy to enable students to handle their data against a cyber breach. In this case, the student will be required to come up with a strong password with an alphanumeric format
References
Easttom, C. (2019). Computer security fundamentals. Pearson IT Certification.
Sapolsky, H. M., Gholz, E., & Talmadge, C. (2017). US defense politics: The origins of security policy. Taylor & Francis.