Done

Running Head: IT Policy 2

IT Policy 2

IT Security Policy

Student’s Name

Professor’s name

Date

According to Easttom (2019), in developing an IT security policy, numerous steps need to be followed. These steps include;

Step one

Developing Scope and accessibility helps the school management to deal with all student' data, networks, and system accessibility in terms of confidentiality, availability of the information and integrity

Step two

Developing data classification that helps in the categorization of all the information, either confidential or public. According to Sapolsky, Gholz & Talmadge (2017), this is a prime step in developing a cyber-security management program for the students as it allows the institution to come up with decisions about resource allocation while securing data from unauthorized access.

Step Three

Developing mechanisms to manage data, through making regular backups of files, protecting the stored information from viruses by installing software for anti-virus and evading accidental omission of students' information

Step Four

Developing context management that addresses all the context in place. These can be printed files, electronically stored, and spoken conversations. The importance of context in vulnerability management of students' information is, therefore, imperative.

Step Five

Developing supporting data that helps in tracking all the information about the students. It allows the institution to tell the present status of the student, whether in session or expelled. It also offers clear guidelines and responsibilities the students should follow when caught up in these situations.

Step Six

Developing specific data that allows the students to access their information wherever they are through the incorporation of secure technology feature

Step Seven

Acknowledgment of consequences that include all the aftermaths of offering data to the dropout students

Step Eight

Developing an acceptable use of student policy, that allows the management to come up with decisions on how to handle a particular case as per the students’ data which are uploaded and updated frequently

Step Nine

Developing an auto-generated email policy, that allows the management to send emails to the students to enable them to access any feedbacks and updates.

Step Ten

Developing a Mobile device policy for growth, flexibility and remote access to students’ data through the generation of OTP when they are logging in

Step Eleven

Developing a network security policy to protect the integrity of the information through the application of some security procedures, firewall and logins authentication, auto-generated OTP with a secure connection when student logs in remotely

Step Twelve

Developing a password policy to enable students to handle their data against a cyber breach. In this case, the student will be required to come up with a strong password with an alphanumeric format

References

Easttom, C. (2019). Computer security fundamentals. Pearson IT Certification.

Sapolsky, H. M., Gholz, E., & Talmadge, C. (2017). US defense politics: The origins of security policy. Taylor & Francis.