Purchase Solution

Information Security and Ethics: Protection Policies and Procedures

Not what you're looking for?

Ask Custom Question

Taking care of information falls to those who own the information to develop ethical guidelines about how to manage it. Treating sensitive corporate information as a valuable resource is good management. Building a corporate culture based on ethical principles that employees can understand and implement is responsible management. Organizations should develop written policies establishing employee guidelines, procedures, and organizational rules for information.

E-policies typically include: Ethical computer use policy, Information privacy policy, Acceptable use policy, email privacy policy, Internet use policy, and Anti-spam policy.

What are security policies or e-policies? Explain three security policies that you would primarily recommend to an organization to have as a minimum and why? How security policies should be implemented in organizations?

Purchase this Solution
Solution Summary

The answer to this problem explains the protection methods of information related assets. Two references related to the answer are also included.

Solution Preview

(1) What are security policies or e-policies?

The security policies or e-policies state in writing how the company will protect its information technology assets. This policy is continuously updated as technology, employees and threats change. The policy will include a section on how the company plans to inform its employees about protecting information related assets. There will also be a section that describes how the effectiveness of the security policy will be evaluated. Security policies protect the firm from breach of security. It is an important part of the operations of the information systems. Currently, it is advisable that information security requirements comply with ISO17799 security standard. The security policy lists administrative controls such as corporate security policy, and password policy. The policy contains different security controls for each classification of information. For example, role based access controls are used in database management systems.

In a large organization the security policy has provisions for the appointment of the chief information security officer. His role is defined. This position is distinct and different from that of the Systems Administrator. The security policies or e-policies include policies for information classification, contingency planning, and physical safety. There are policies related to communication and connectivity. These include rules applicable when the system is connected to internet, vulnerability scanning, and network management. The security measures applicable to external connections, security of e-mail, and wireless networks are also listed. Currently, the policies have a section on the use of smart phones, and electronic signatures.

An important aspect of security policies or e-policies is user registration and management. Access control forms an important aspect of security policies or e-policies. In a large organization there ...

Solution provided by:
Hatim Baxamusa, MBA
Education
  • BSc , University of Calcutta
  • MBA, Eastern Institute for Integrated Learning in Management
Recent Feedback
  • "I read your comments, and thank you for this feedback. Do I need to find other studies that applied this methodology Ive used? That's where I'm stuck at."
  • "Thank you kindly sir. "
  • "Excellent and well explained. --Thank you kindly. "
  • "Awesome notes. I appreciate you."
  • "I have the follow-up project and I will assign that to you very soon. "
Purchase this Solution
Free BrainMass Quizzes
MS Word 2010-Tricky Features

These questions are based on features of the previous word versions that were easy to figure out, but now seem more hidden to me.

Change and Resistance within Organizations

This quiz intended to help students understand change and resistance in organizations

Balance Sheet

The Fundamental Classified Balance Sheet. What to know to make it easy.

Paradigms and Frameworks of Management Research

This quiz evaluates your understanding of the paradigm-based and epistimological frameworks of research. It is intended for advanced students.

Basic Social Media Concepts

The quiz will test your knowledge on basic social media concepts.

View More Free Quizzes
Related BrainMass Solutions

  • Ethics and Cyber Security for Students

    computer technology such as creating social policies and laws for cyber-security and cyber-etiquette.

  • Legal, Ethical and Regulatory Issues

    Privacy policies and procedures should be clearly explained to the customers as the protection of consumer privacy rights is a legal duty of every business and it leads to a good business performance.

  • Information Security and Ethics

    The solution discusses information security and ethics.

  • Legal and Security Implications of E-Businesses

    Network security management - formal policies and procedures will be established to provide network and infrastructure protection against all known security threats.

  • Managing Ethics within Information Systems (IS)

    544701 Managing Ethics within Information Systems (IS) Briefly discuss the various organizational approaches to managing ethics within an IS. Policies and procedures must exist for any employees who have access to IS data.

  • ORGANIZATION SECURITY POLICY SAFEGUARDING TECHNOLOGY

    Security management consists of nurturing a security-conscious organizational culture, strong security policies, developing tangible procedures to support security, and managing the myriad of pieces that make up the system.

  • Bank Encounters a Security Breach

    Assume you have been hired to assess the problems and recommend policies and procedures to put into place so this could not happen again. a. What is the first task you would do as part of an Incident Response? b.

  • ethical practices and the protection of customer data

    One key point to remember is that in order to achieve privacy, the industry must cover fundamental security policies and practices.

  • Orbitz Internet Site

    p_sid=3__mdBni Security & Privacy What's a cookie and what should I do about cookie warnings? Is my personal information and billing information safe? Where can I view your Privacy Policy?

View More Related Solutions