Operation security

I.T. Security Policy

According to our scenario, without having the Internet policy it can cause a problem. The following pages will describe in detail. Information Technology (I.T.) security is a process of which where all the rules and procedure related I.T. field are created, managed, and destroyed as per the requirement of the management for those who are accessing and uses all the I.T. assets and resources of the company. The resources can be an Internet, computer, printer, scanner, or any other devices which are on technical side and employers can exchange the information over to medium easily. According to (What is an it security policy?, n.d.) illustrated that, I.T security for any organization works on CIA (Confidentiality, Integrity, and Availability ) principal.

In the first stage of Confidentiality where policy protects all the hardware, software, and data from unauthorized users. Integrity makes sure that whoever is accessing the information must be legal candidate. Availability state confirms that all authorized users can get continuous access. I.T. security policy may focus on to the different area likewise Internet Usage Policy, External Device Usage Policy, Computer Usage Policy, and Employee Identity Policy.

Internet Policy can control on to the usage of Internet and improper use of the Internet also. Internet at workplace is for work related purpose only, not for the personal uses. The companies who don’t have the Internet Policy they can see the misuse of Internet. Employee may use for Social Media, Entrainment, Shopping, or for any other reason and which can affect to the company in indirect way. Therefore, the companies must do have internet policy.

According to Policy (n.d.) stated that, employers may not allow to use the websites which contains any phonographic websites, or discriminates websites, social media websites, or any other E-commerce websites which are not related to work. According Heatfield (2018) accumulated that, “only authorized employers can use the Internet for additional uses which may include e commerce websites through which they can purchase the stuff for a company.”

Policy (n.d.) distinct that, “computers, emails, and websites which are open for the used by employees they must be monitored by the company’s I.T. team. The I.T. team should have all the rights to log in their account can check or block the websites for an individual employees are not obeying rules. The company’s portal should be filtered one, depending on their job function the kind of internet speed and websites can be served only.

Moving on to Universal External Drive, Scout (2012) declared that, “USB functions slots must be enabled / disabled or controlled by the I.T. team members. The reason behind it universal external drives used by different locations and it may contain the viruses also which can harm the computer and to the whole network of a company. All the devices must be registered with the company’s system so whenever an employee wants to transfer the information they have to go to certain chain where all the information in the USB drive are scanned and then send so company can keep eye on them.

Computer usage policy it’s a process in which the computer which is allotted for any individual employee that must be used by specific employee only. This policy must include the passwords, and log in id’s through which they access the computer. The company can avoid unauthorized use of computer by the third party. The companies must do have two way authentication system if any someone log on to the someone else computer then user can notified by email or text message that’s the way they can secure the data also.

Lastly, Employee Identification System it can set up via different methods. Firstly, the ID card with clear picture so security checks can match the face with card easily. Employee Identification Number plays a crucial role also once you punch in the system everything comes out. Nowadays, the airport and government highly strict areas comes with the Biometric technique where employee have to scan their ID card first, then retina scan , and fingerprint scan test are taken. The result of it, 100% authentication can be generated no illegal entries can enter to the organization.

On to conclusion, I.T. security policy is a one of the good feature for any organization where company can control misuse of internet, and illegal unauthorized entries to the company who tries to access the resources and the company’s confidential data/ information. This feature takes the security to next level.

References

Heathfield, S. M. (2018). A sample internet and email policy for employees. Retrieved from https://www.thebalancecareers.com/internet-and-email-policy-sample-1918869

Policy, S. J. (n.d.). A sample company policy on e-mail and Internet usage. Retrieved from https://apps.americanbar.org/buslaw/blt/ndpolicy1.html

Scout, C. (2012). 12 Security best practices for usb drives. Retrieved from https://cyberscout.com/education/blog/12-security-best-practices-for-usb-drives

What is an it security policy? (n.d.). Retrieved from https://www.paloaltonetworks.com/cyberpedia/what-is-an-it-security-policy