SAMPLE Security Policy - 3383 Words

Introduction: GDI background and given problem Global Distribution, Inc. (GDI) is a distribution company that manages thousands of accounts across Canada, the United States, and Mexico. A public company traded on the NYSE, GDI specializes in supply chain management and in coordinating the warehousing, staging, distribution, transportation, and wholesaler/VAR relationship for their customers. GDI employs over 3,200 employees and has been experiencing consistent growth keeping pace with SP averages (approximately 8%) for nearly six years. A well-honed management strategy built on scaling operational performance through automation and technological innovation has propelled the company into the big leagues; GDI was only recently profiled†¦show more content†¦Ã¢â‚¬Å"Unauthorized copying of copyrighted material including, but not limited to, digitization and distribution of photographs from magazines, books or other copyrighted sources, copyrighted music, and the installation of any copyrighted software for which GDI or the end user does not have an active license is strictly prohibited.† (SANS, 2006) 3. â€Å"Exporting software, technical information, encryption software or technology, in violation of international or regional export control laws, is illegal. The appropriate management should be consulted prior to export of any material that is in question.† (SANS, 2006) 4. Introduction of malicious programs into the network or server (e.g., viruses, worms, Trojan horses, e-mail bombs, etc.). (SANS, 2006) 5. â€Å"Revealing your account password to others or allowing use of your account by others. This includes family and other household members when work is being done at home.† (SANS, 2006) 6. â€Å"Using a GDI computing asset to actively engage in procuring or transmitting material that is in violation of sexual harassment or hostile workplace laws in the user s local jurisdiction.† (SANS, 2006) 7. â€Å"Making fraudulent offers of products, items, or services originating from any GDI account.† (SANS, 2006) 8. â€Å"Making statements about warranty, expressly or implied, unless it is a part of normal job duties.† (SANS, 2006) 9. â€Å"Effecting security breaches orShow MoreRelatedSample Information Security Policy1122 Words   |  5 Pagesappropriate security for all Information Technology data, equipment, and processes in its domain of ownership and control. This obligation is shared, to varying degrees, by every member of the company. This document will: 1. Enumerate the elements that constitute IT security. 2. Explain the need for IT security. 3. Specify the various categories of IT data, equipment, and processes subject to this policy. 4. Indicate, in broad terms, the IT security responsibilitiesRead MoreDeveloping a Company Network Security Policy820 Words   |  3 Pageshands. It is because of these threats that companies create and enforce network security policies. A network security policy is a document that states how company intends to protect the company’s physical and information technology assets. (Rouse, 2007) A security policy is intended to be a living document that is constantly evolving as threats and preventative measures change. The network security policy is more than just a list of rules however, it can be used to educate users on whatRead MoreQuestions On The Customer s Data1294 Words   |  6 Pagesattacker, and informs the user that a ransom must be paid in order to regain access to their data. Paying the ransom is no guarantee that the attackers will deliver the decryption key to the data owner [16]. C. The Company (Regulatory Compliance Policies) 1. Federal: The following are a sampling of federal laws that often apply to businesses that maintain an individual’s personal and financial information. The company currently does not have the infrastructure in place to be in compliance with theseRead MoreThe Company ( Regulatory Compliance Policies )903 Words   |  4 Pages C. The Company (Regulatory Compliance Policies) 1. Federal: The following are a sampling of federal laws that often apply to businesses that maintain an individual’s personal and financial information. The company currently does not have the infrastructure in place to be in compliance with these laws. a) The Federal Rules of Civil Procedure (FRCP), Title V, Disclosures and Discovery, Rule 34, specifies that a party in a civil procedure be able: â€Å"to produce and permit the requesting party or itsRead MoreCyber Security And Internet Policy2188 Words   |  9 Pages Cyber Security and Internet Policy IT-644-OL: Technology, Law, and Policy Instructor: Martin Ignatovski Student: Akash Allamuneni Introduction: Cyber security threats change quickly as Internet increases, and also the related dangers are getting to be progressively international. Being covered against cyber security threats requires almost all end users, actually the most complex versions, to know the particular threats in addition to enhance their particular safety measuresRead MoreIs4550 Week 5 Lab1611 Words   |  7 Pagesand Audit an Existing IT Security Policy Framework Definition Learning Objectives and Outcomes Upon completing this lab, students will be able to complete the following tasks: * Identify risks, threats, and vulnerabilities in the 7 domains of a typical IT infrastructure * Review existing IT security policies as part of a policy framework definition * Align IT security policies throughout the 7 domains of a typical IT infrastructure as part of a layered security strategy * IdentifyRead MoreInformation Classification Plan For Kingsley Media Enterprises1212 Words   |  5 Pagesinformation being exposed. Proper security measures must be accompanied with information classification and practical workshops for employees to learn how to label information. Table of Contents Executive Summary I 1.0 Report Introduction 1 2.0 Classifying Information 1 3.0 Action plan 5 4.0 Recommendations 6 5.0 Conclusion 7 6.0 Reference 8 Table 1 Security Classification criteria 2 Table 2 Information Classification Sample 4 1.0 Report IntroductionRead MoreEssay On Interview In Research796 Words   |  4 PagesSample The population participants for both the interview (5) and survey (80) will consist of experts in the areas of information technology, network security, damage assessing, polygrapher, and the Information Review Task Force (IRTF). The population on average has more than thirty-four combined years of experience in areas of network systems, information security, collections, Research and Development, and working with and along the side of a prosecuted insider threat. The interviewees willRead MoreLab #8 – Assessment Worksheet1544 Words   |  7 Pagesan SQL injection to exploit the sample Web application running on that server. Learning Objectives Upon completing this lab, you will be able to: 3. Identify Web application and Web server backend database vulnerabilities as viable attack vectors 4. Develop an attack plan to compromise and exploit a website using cross-site scripting (XSS) against †¨sample vulnerable Web applications 5. Conduct a manual cross-site scripting (XSS) attack against sample vulnerable Web applications Read MoreFederal Regulation Of The United States On The Volatility Of Stock Returns1702 Words   |  7 Pagesthe volatility of stock returns for banks, savings associations, securities firms and insurance companies. Moreover, I compare the volatility dependence of stock returns for these segments with the introduction of new federal regulation, specifically the Dodd-Frank Wall Street Reform and Consumer Protection Act in 2010 (Dodd-Frank Act). Regulation of financial markets is very significant for investors in the stock markets, policy-makers, practitioners, and academicians who explore the topic very