Security Policy GDI Company Case Study Example | Topics and Well Written Essays - 3000 words

Security Policy GDI Company - Case Study ExampleGiven that GDI has made significant gains in its business, there is need to preserve the potential the firm receive from its information technology assets. This bail policy understands that protecting the physical and operation security of GDI is the main challenge underlying its writing. Therefore, the report presents some(prenominal) policies that seek to protect named assets of GDI with a goal of preserving the security and operation of the firm. Vacca (2010) argues that information technology polices form the first line of defence against threats.There are several(prenominal) policies this security policy document bulgelines, which are a result of careful analysis of the firms existing network topology. Because information technology forms a critical back to the operations of GDI, a careful analysis characterized the writing of this document. Among the essential goals of the security, policies were the establishment of confiden tiality, integrity, and availability of the firms information technology asset. Policy 1 electronic mail Security PolicyEmail remains a preferred medium of communication for the GDI Corporation. Because of the widespread use of email in the firm, there is need for GDI to go for policies that will limit the button of essential loss through email rally within or outside the firm. While email is one of the more or less effective techniques for communication, firms like GDI stand a risk of exposing their data and information technology infrastructure to threats that can emerge from lack of email security policy. Bayuk, Healey and Rohmeyer (2012) get along that email remains vulnerable to a wide variety of threats such as worms. These threats can interfere with the operations of the organization, as well as chasten to the loss of data. Given the danger that could emanate from email use, this report understand the need of an appropriate email security policy, which will ensure that email exchange do not result to the loss of data, introduction of threats and breach of confidentiality. First, GDI should implement a policy that restricts its employees from sharing any fi.es that belong to the organization. This clause could limit the loss of information that GDIs employees have the privilege to view as compared to other people. This policy should be printed and given to all employees using the firms email. In addition, GDI should also mystify a policy that would restrict all the employees from using the firms email for their own private use. The use of emails for any other purpose could introduce threats such as worms. To add on this, the firms should stipulate that all employees scan their emails to ensure that they have no threats such as worms or Trojan horse that could spy on the companys data. Policy 2 Server Security Policy GDI master of ceremoniess are essential assets that must be protected from physical and operations risks that whitethorn have profo und effect on the operations of the firm. To ensure that GDIs servers are secure, there has to be an elaborate policy in place. The server security policy calls for the hardening of GDIs server to ensure that all vulnerable areas are addressed to limit the impact of threats. This policy ensures that GDIs administrators carry out periodic maintenance of the system by applying patches and other software updates. Servers that lack essential patches are vulnerable to attacks (TechRepublic, 2004). Updating the servers by installing patches would ensure that the server is secure and up to date. Being that updates are critical to the operation of