Security Policy
Security policy is an
official statement of guideline where people who are granted access to an
organization's technology and information must accept.
There are
many examples of security policy. Some examples includes server security policy, Email security policy and network security
policy.
Firstly, server
security policy is used to establish standards for the base configuration of
internal server equipment that is owned by a company. Effective implementation
of this policy will minimize unauthorized access to the company information and
technology.
Secondly, Email security
policy is used to achieve 3 different types of objective. Commercial objective.
productivity objective and legal objective. Commercial objective is by teaching
employees how to send effective emails and stating target answering times, you
can professionalize your email replies and therefore gain competitive
advantage. Productivity objective is by setting out rules for the personal use
of email you can improve productivity and avoid misunderstandings. Legal
objective is by clearly stating what is considered as inappropriate email
content you can minimize the risk of law suits and minimize employer's
liability by showing that the company warned employees of inappropriate email
use.
Lastly, network security policy is intended to protect the
integrity of the networks and to mitigate the risks and losses associated with
security threats of the specific network. It can be use to prevent any abuse
and inappropriate use. Network security policy can be used to control data
access and web browsing. It can also be use to enable passwords encryption and
control email attachments.
No comments:
Post a Comment