2. SECURITY POLICY
A security policy in business is a document that states in writing how a company plans to
protect the company’s physical and information technology (IT) assets. Written policies are
essential to a secure organization. The specific policies that an organization implements as well
as the amount of detail it contains will change as the company grows. This paper will discuss
policies to implement to maintain company security and how the implementation is
achieved.Deutsch, W. (n.d.)
Internet Usage
An internet usage policy should address whether or not employees are allowed to use
company computers for personal use and whether or not software may be downloaded by anyone
than a system administrator. The company should research whether or not instant messaging may
be used during company time and on company equipment.Deutsch, W. (n.d.)
Email/Social Networking
Email and social networking technologies make it very simple to circulate information.
Email policies should address pertinent content for the company emails and social media pages.
Companies need to assume that nothing will stay private on the internet.Deutsch, W. (n.d.)
Visitor Management
3. An unescorted or unauthorized visitor can be a physical threat or can also steal sensitive
information. Steer all visitors into a controlled entry point if possible. It can be a gate or
receptionists desk. When a company writes its visitor policy it should be decided if the visitor is
escorted at all times or just in certain areas. A visitor being required to wear a badge and sign in
and out is a way to ensure company security. The visitor management policy should be
communicated so clearly that employees can serve as the company’s eyes and ears as they feel
more comfortable approaching or reporting suspicious activities.Deutsch, W. (n.d.)
When the security policy is drawn up, revised and agreed upon, the implementation will
follow. A proper implementation requires not only educating staff on each of the primary
elements flagged as critical in the formal security policy, but also changing their role in the effort
to protect company data. The final version of security policies must be made available to all the
company’s employees having access to any of the company information assets.Deutsch, W.
(n.d.)
4. REFERENCES
Deutsch, W. (n.d.). 6 Security Policies You Need. Retrieved from
http://bizsecurity.about.com/od/creatingpolicies/a/6_policies.htm