Designing Security Policy for a Named Company of Your Choic

Designing Security Policy for a Named Company of Your ChoiceDefinition of a Policy
By definition, security policy refers to clear, comprehensive, and well-defined plans, rules, and practices that regulate access to an organization’s system and the information included in it. Good policy protects not only information and systems, but also individual employees and the organization as a whole.
A policy generally has these characteristics:
• Communicates a consensus of judgment
• Defines appropriate behavior for users
• Identifies what tools and procedures are needed
• Provides directives for Human Resources action in response to inappropriate behavior
• May be helpful if it is necessary to prosecute violators

Purpose. The purpose of this project is to ensure that appropriate measures are put in place to protect “Your Company’s” information and the Information Technology Services (ITS) systems, and equipment of the infrastructure.

Don't use plagiarized sources. Get Your Custom Essay on
Designing Security Policy for a Named Company of Your Choic
Get an essay WRITTEN FOR YOU, Plagiarism free, and by an EXPERT!
Order Essay

Requirements:
a. Students are required to select a company of their choice. It could be an existing company or your own creation. This is an individual project; not a group project!

b. For the company/organization you selected or made up, create a comprehensive Security Policy you deem appropriate to address all aspects of their infrastructure. Please bear in mind that the purpose of this document is to ensure that appropriate measures are put in place to protect corporate information and the Information Technology Services (ITS) systems, services, and equipment of “Your Company” and associated infrastructure. This means that the policy aspects you select should address all the functional areas of the organization. First, conduct a brief research of the company you intend to use for this project to learn more about their security functional areas. This will help you to determine the policy aspects you should use.

Policy Templates designed for this purpose are available for use by the public from the SANS website at no cost (pages 4 – 5). A minimum of TWELVE aspects must be selected from all the FOUR major functional security areas (General Security, Network Security, Server Security, Application Security). Many of the Aspects listed in each main Security Functional area also have sub-categories, so you may have to dig further down to download those specific policy documents. Don’t use any policy that is not applicable to “Your Company”. For example, there is no need to use the Lab Security Policy if your company doesn’t have a lab.

Your duty is to search and replace all generic company names in the template documents with your chosen “Company Name”. You also have to customize the templates to match the needs of your company. Each template comes in pdf or Word format. For easy editing, it is recommended that you download the Word format. Your document should be formatted in sections by each Security Policy Aspect. For example, if “Acceptable Use Policy” ends in the middle of page 20, start the next policy aspect on page 21.

c. Table of Content (ToC) – Create ToC listing all the policy and sub policy aspects used in your document.

d. Abstract – Create an Abstract describing the company’s functional security areas and explaining the need of this document by your company. In simple terms, describe/state how the company will benefit from this Security Policy document.

e. Formatting – Since this is a formal document, it must be formatted appropriately. Page number the document, create Header/Footer, insert company logo at appropriate page location, spell-check the entire document. You may use APA style for this project. Abstact and ToC pages should be numbered in Roman Numerals (not counted towards total page-count). Apply regular page-numbering to the remaining document (Page 1 and up)

f. Definition of Terms – Use this section to help non-technical readers understand the technical jargons used in the document. The Templates provide that so use them.

g. References – Make sure to cite all used documents, graphics, etc., that were not your own creation.

h. Cover page – Create appropriate title for the cover page, stating phrases like: “Security Policy for Company Name”, Prepared by Your Name”, “Date/Semester”, etc. Simply, be creative!

i. Submit a hard copy to your professor and upload a digital copy to Blackboard Dropbox as instructed by your professor. Store your copy in a safe place for future reference. You never know when…!

Words of Encouragement:
Don’t see this as a tedious task. Enjoy doing it and learn useful lessons from it. Read this email statement from a former student who completed this project years ago:
“I wish to thank you for assigning the Security Policy project and guiding us through the process. On my new job, one of the first tasks I was assigned to do along with two other coworkers was to create a Security Policy for the company. The other two individuals had no clue as to how to start the project. Our job became much easier when I showed them my Monroe Project.”

Note: See next two pages for the SANS website address (URL) and other pertinent information.

https://www.sans.org/security-resources/policies
Find the Policy Template You Need! Below are links to the Policy Documents.
General
• Acceptable Encryption Policy
• Acceptable Use Policy
• Clean Desk Policy
• Data Breach Response Policy
• Disaster Recovery Plan Policy
• Digital Signature Acceptance Policy
• Email Policy
• Ethics Policy
• Pandemic Response Planning Policy
• Password Construction Guidelines
• Password Protection Policy
• Security Response Plan Policy
• End User Encryption Key Protection Policy
Network Security
• Acquisition Assessment Policy
• Bluetooth Baseline Requirements Policy
• Remote Access Policy
• Remote Access Tools Policy
• Router and Switch Security Policy
• Wireless Communication Policy
• Wireless Communication Standard
Server Security
• Database Credentials Policy
• Technology Equipment Disposal Policy
• Information Logging Standard
• Lab Security Policy
• Server Security Policy
• Software Installation Policy
• Workstation Security (For HIPAA) Policy
Application Security
• Web Application Security Policy
CAUTION: Policy, Standard, Guideline are terms often confused by many students.
The following definitions of Security Policy, Standard, and Guidelines, by SANS will be helpful as you plan your research project
A policy is typically a document that outlines specific requirements or rules that must be met. In the information/network security realm, policies are usually point-specific, covering a single area. For example, an “Acceptable Use” policy would cover the rules and regulations for appropriate use of the computing facilities.
A standard is typically a collection of system-specific or procedural-specific requirements that must be met by everyone. For example, you might have a standard that describes how to harden a Windows 8.1 workstation for placement on an external (DMZ) network. People must follow this standard exactly if they wish to install a Windows 8.1 workstation on an external network segment. In addition, a standard can be a technology selection, e.g. Company Name uses Tenable SecurityCenter for continuous monitoring, and supporting policies and procedures define how it is used.
A guideline is typically a collection of system-specific or procedural specific “suggestions” for best practice. They are not requirements to be met but are strongly recommended. Effective security policies make frequent references to standards and guidelines that exist within an organization.

Homework Sharks
Order NOW For A 10% Discount!
Pages (550 words)
Approximate price: -

Our Advantages

Plagiarism Free Papers

All our papers are original and written from scratch. We will email you a plagiarism report alongside your completed paper once done.

Free Revisions

All papers are submitted ahead of time. We do this to allow you time to point out any area you would need revision on, and help you for free.

Title-page

A title page preceeds all your paper content. Here, you put all your personal information and this we give out for free.

Bibliography

Without a reference/bibliography page, any academic paper is incomplete and doesnt qualify for grading. We also offer this for free.

Originality & Security

At Homework Sharks, we take confidentiality seriously and all your personal information is stored safely and do not share it with third parties for any reasons whatsoever. Our work is original and we send plagiarism reports alongside every paper.

24/7 Customer Support

Our agents are online 24/7. Feel free to contact us through email or talk to our live agents.

Try it now!

Calculate the price of your order

We'll send you the first draft for approval by at
Total price:
$0.00

How it works?

Follow these simple steps to get your paper done

Place your order

Fill in the order form and provide all details of your assignment.

Proceed with the payment

Choose the payment system that suits you most.

Receive the final file

Once your paper is ready, we will email it to you.

Our Services

We work around the clock to see best customer experience.

Pricing

Flexible Pricing

Our prces are pocket friendly and you can do partial payments. When that is not enough, we have a free enquiry service.

Communication

Admission help & Client-Writer Contact

When you need to elaborate something further to your writer, we provide that button.

Deadlines

Paper Submission

We take deadlines seriously and our papers are submitted ahead of time. We are happy to assist you in case of any adjustments needed.

Reviews

Customer Feedback

Your feedback, good or bad is of great concern to us and we take it very seriously. We are, therefore, constantly adjusting our policies to ensure best customer/writer experience.

See all services
× Contact Live Agents
Verified by MonsterInsights