Premium Essay

Cmgt-400 Security Policy Importance

In:

Submitted By densbucs
Words 1928
Pages 8
Maintaining Information Security

CMGT-400 Assurance and Security

5-25-2013

Maintaining Information Security
Maintaining the security of information couldn’t have been said any clearer than by Lindsey Walker of InfoSec Island, when in 2010 she wrote an article about sensitive information becoming breached. She said “Preventing information security breaches needs to become a main priority for any company when handling both customer and company information”. Sharing information has become much easier than in previous years, from the widespread mainstream use of USB thumb drives or the constant urge to share some secret news or research on Twitter and other social media. The need for a company to constantly review and update their information security policy periodically has never been greater than now.
Security Policy
An Information security policy should be written in a way that defines how digital information should be protected and accessed by all company employees. Most information that is used to define the Information Security Policy can be gathered by first running a risk analysis report. These reports look at your business model and create a data structure that can be used to inform a company about where their greatest risks are within the company and around the entire work place. Certain “must-have” check boxes for items that should be included in an information security policy are Acceptable Use Policy, Wireless Policy, Email Policy, and Encryption Policy. These are just a few. There are many more things that should be included and additional items that should be on a Policy checklist might vary with different types of businesses. An Information Security Policy also ensures a company that everyone is on the same page with how technology is used and how all or certain information should be treated in the workplace The need for a well-defined

Similar Documents

Premium Essay

Maintaining Information Systems Security

...Information Systems Security Akilah S. Huggins University Of Phoenix CMGT/400 August 11, 2014 Maintaining Information Systems Security Introduction With the growing development of information systems and networks, security is a main concern of organizations today. The fundamental objectives of information systems security are privacy, integrity, and accessibility. The foundation of organization's security lies in planning, creating and actualizing proper information systems' frameworks' security strategy that adjusts security objectives with the organization's requirements. In this paper the objective is to describe the importance of policies and standards for maintaining information systems security. Specifically, the paper include the discussion of the role employees—and others working for the organization to maintain the information systems security. Also the position paper aim to examine the different levels of security and how an organization can provide the proper level of effort to meet each information security need and how this relates to what is in an organization’s information security policy. Thesis Statement The aim and objective of the underlying paper is to analyze and evaluate the phenomena of maintaining information system security. Importance of Policies and Standards for Maintaining Information Systems Security. Information system security policies primarily address threats. The policies and the tactics...

Words: 1235 - Pages: 5

Premium Essay

Securing Information

...Securing and Juan Protecting Information CMGT / 400 February 9, 2015 Anthony Seymour Securing and Protecting Information When do you have to pay attention to the security requirements of your information system? From the very earliest stages of planning for the development of the system to its final disposal is the advice of the National Institute of Standards and Technology (NIST).  By considering security early in the information system development life cycle (SDLC), you may be able to avoid higher costs later on and develop a more secure system from the start.  The System Development Life Cycle (SDLC) The system development life cycle starts with the initiation of the system planning process, and continues through system acquisition and development, implementation, operations and maintenance, and ends with disposition of the system. Specific decisions about security must be made in each of these phases to assure that the system is secure.   The organization develops its initial definition of the problem that could be solved through automation.   Also during this early phase, the organization starts to define the security requirements for the planned system. Management approval of decisions reached is important at this stage.  During this initiation phase, the organization establishes the security categorization and conducts a preliminary risk assessment for the planned information system.  Categorization of the information system using federal...

Words: 1328 - Pages: 6

Premium Essay

Kudler Fine Foods

...CMGT/400 Final Project Kudler Fine Foods IT Security report This table is developed to help us identify the top threats with the new customer rewards program that we are putting into play. Kudler Fine Foods is getting a new and improved system that will help them keep track of the shoppers purchase activities. This table was developed by us in hopes of letting them know the vulnerabilities’ and threats that may arise while doing so. Also we have drafted a summary of the threats that we the team feel will be very influential to this process. This security report and presentation is what we have prepared in hopes of gathering this information that it will help them with their new system. Table of Threats Area of System | Threats | Potential Vulnerability | Loyalty Program | External and Internal Users | Loss of customer financial data, loss of customer privacy information. | System Network Access | Internet | Hackers can gain customer and business info. Loss of Revenue, Loss of customer data. | Employees (Kudler) | Information misplacement | Accidental loss of customer data, Loss of Revenue | Point of Sale System | Unauthorized user | Data breach, loss of customer information, company data loss. | | | |   |   |   | You have to also consider your technical security when starting any kind of project such as this frequent shopper program. You have firewall that is needed to help defend the server and stop a data breach. The user configuration that...

Words: 1511 - Pages: 7

Premium Essay

Cmgt 400 Team Final

...Running Head: KUDLER FINE FOODS IT SECURITY REPORT Kudler Fine Foods IT Security Report CMGT/400 Abstract Kudler Fine Foods is developing a customer loyalty program that will reward customers and increase sales. Kudler has requested the team to design the customer loyalty program while making sure that system meets security requirements. The following paper will describe a plan on how Kudler can achieve their goal by using the Systems Development Life Cycle or SDLC, which has five phases, and how they can use each one. As part of establishing Kudler’s reputation, the company will emphasize the need for security for the business and its customers. Introduction Kudler Fine Foods is a local business based in San Diego California that would like to increase their sales in their three other California locations. Kudler has decided to implement a customer loyalty program. The customer loyalty program will reward customers for shopping within the locations. One of the goals is to increase sales by tracking customer purchases so that sales can be more relevant and to attract customers. Kudler has decided that a development team is needed to build this new service for its customers. As part of the development, the System Development Life Cycle will be used to obtain the goal while paying attention to the security needs that the program will create. Our team will develop the SDLC and identify the potential threats and vulnerabilities have the customer loyalty program...

Words: 3313 - Pages: 14

Premium Essay

Econ 125-Hk2. Economics for Managers Exam

...our Site for More Tutorials: (http://homeworkfy.com/ ) > TAKE ASSESSMENT: EXAM 1 Question 1 2 points Save Which of the following economic systems abolishes all private property? communism socialism fascism all of the above Question 2 2 points Save The profit motive is one characteristic of a command economy. True False Question 3 2 points Save In a market system, the government enforces laws ensuring that private enterprises and conditions of competition will prevail. True False Question 4 2 points Save The most common type of business in the United States is the corporation. True False Question 5 2 points Save Laissez-faire is a policy of no government intervention in the economic activities of individuals and businesses. True False Question 6 2 points Save In a partnership, each partner’s liability is limited to his or her contribution to the partnership. True False Question 7 2 points Save There are no government-regulated markets in the U.S. economy. True False Question 8 2 points Save Which of the following is not among the United States’ economic goals? full employment stable prices healthy economic growth equal distribution of income Question 9 2 points Save Under the U.S. market system, land and capital goods are owned mainly by the federal government individuals...

Words: 8412 - Pages: 34