Security Policies
Security policies are a collection of statements formulated to guide the behavior of employees with regard to the security of an organization’s information and IT systems, etc. In this regard, there are several reasons why these policies are important. To begin with, these policies bolster the CIA (Confidentiality, Integrity and Availability) triad and describe the who, what, and why regarding the required conduct, and they play an essential role in the general security posture of a company (Bayuk et al., 2012). In particular, these policies address security threats. Threats are all over, particularly when it comes to IT security and the increase of Ransomware these days. Security policies seek to tackle those threats by, for instance, providing strategies on how to reduce the likelihood of those threats, and how the company can recover from threats that have exposed a portion of it. The policies also provide a roadmap to workers of what to do and when to do it. For instance, a password policy informs employees how to create strong passwords and how often these passwords should be changed. Without a password policy employees would thus utilize simple, easy to guess passwords that eventually increase the organization’s risk of data loss/theft.
Security policies are also important because they dictate who gets access to what. They indicate which employees are authorized to access what information, why, and reasons for accessing it (Peltier, 2016). Without these policies, every employee would access whatever company information they want and this would put sensitive company information at risk of being exposed to people with malicious intents. Importantly, the security policies highlight the consequences for failing to adhere to the rules of the organization as they pertain to IT security. This way, employees are able to appreciate the seriousness and importance of maintaining IT security. As a result, they are encouraged to play an active role in securing the company’s IT infrastructure.
Already written your paper? Make it submission-ready.
Our professional editors fix grammar, clarity, structure, and referencing mistakes that spell-checkers miss. Choose light proofreading or full structural editing — your polished, properly cited draft is typically returned within 12 to 24 hours.
✓ Plagiarism-free · ✓ 100% human · ✓ Free revisions · ✓ Confidential
🔒 No payment to start · From 3 hrs
References
Bayuk, J. L., Healey, J., Rohmeyer, P., Sachs, M. H., Schmidt, J., & Weiss, J. (2012). Cyber security policy guidebook. John Wiley & Sons.
Peltier, T. R. (2016). Information security policies, procedures, and standards: Guidelines for effective information security management. CRC Press.
Already written your paper? Make it submission-ready.
Our professional editors fix grammar, clarity, structure, and referencing mistakes that spell-checkers miss. Choose light proofreading or full structural editing — your polished, properly cited draft is typically returned within 12 to 24 hours.
✓ Plagiarism-free · ✓ 100% human · ✓ Free revisions · ✓ Confidential
🔒 No payment to start · From 3 hrs
