Security Policy GDI Company Case Study Example | Topics and Well Written Essays - 3000 words

Security Policy GDI Company - Case Study Example tending(p) that GDI has made significant gains in its business, in that respect is need to preserve the capability the firm receive from its study engineering assets. This security policy under affiliations that protecting the physical and operation security of GDI is the main challenge rudimentary its writing. Therefore, the report presents several policies that seek to protect named assets of GDI with a goal of preserving the security and operation of the firm. Vacca (2010) argues that information technology polices form the first line of defence against threats.There atomic number 18 several policies this security policy muniment outlines, which ar a result of careful analysis of the firms existing network topology. Because information technology forms a critical backbone to the operations of GDI, a careful analysis characterized the writing of this document. Among the essential goals of the security, policies were the establi shment of confidentiality, integrity, and availableness of the firms information technology asset. Policy 1 electronic mail Security PolicyEmail remains a preferred medium of communication for the GDI Corporation. Because of the widespread use of electronic mail in the firm, there is need for GDI to implement policies that will limit the loss of essential loss through email central within or outside the firm. While email is one of the most meative techniques for communication, firms like GDI stand a risk of exposing their data and information technology infrastructure to threats that can emerge from lack of email security policy. Bayuk, Healey and Rohmeyer (2012) contend that email remains vulnerable to a wide variety of threats such as worms. These threats can interfere with the operations of the organization, as well as lead to the loss of data. Given the jeopardy that could emanate from email use, this report understand the need of an appropriate email security policy, which will come across that email exchange do not result to the loss of data, introduction of threats and breach of confidentiality. First, GDI should implement a policy that restricts its employees from sharing any fi.es that belong to the organization. This clause could limit the loss of information that GDIs employees receive the privilege to view as compared to other people. This policy should be printed and given to all employees using the firms email. In addition, GDI should also produce a policy that would restrict all the employees from using the firms email for their own one-on-one use. The use of emails for any other purpose could introduce threats such as worms. To add on this, the firms should fix that all employees scan their emails to ensure that they have no threats such as worms or Trojan gymnastic horse that could spy on the companys data. Policy 2 Server Security Policy GDI servers are essential assets that must be protected from physical and operations risks that ma y have profound effect on the operations of the firm. To ensure that GDIs servers are secure, there has to be an elaborate policy in place. The server security policy calls for the hardening of GDIs server to ensure that all vulnerable areas are addressed to limit the impact of threats. This policy ensures that GDIs administrators carry out periodic maintenance of the frame by applying patches and other software updates. Servers that lack essential patches are vulnerable to attacks (TechRepublic, 2004). Updating the servers by installment patches would ensure that the server is secure and up to date. Being that updates are critical to the operation of