KFF IT Security Policy and Training


CGMT/400

Many policies are needed to ensure the protection of the company and customer
data involved in the Frequent Shopper Program. The items to identify are the policies
on the use and handling of data, which help determine the defensive measures and
procedures the company will use. These include user policies, IT policies, and general
company policies.

User policies should define what users are allowed to do with the network and data, as
well as the security settings that will affect users. These policies include
password policies, proprietary information use, internet usage, system use, virtual private
networks and remote user system usage, and acceptable use of hardware and software, as
well as email and IM policies. Employee management and training procedures belong in
this category.

IT policies should define the policies that the IT department uses to
manage and govern the network for security. They also include general policies
for the IT department. Policies include firewall policies, virus incident policy, security
incident policy, client update, backup policy, data recovery policy, policies for
configuration, patch updating, modification policies, router and switch policies, VPN
policies, and wireless policies.

General policies should define who is responsible for the policies, as well as business
continuity planning and backup and recovery policies. These include crisis management and
disaster recovery.

In addition, there must be policies set for the classification of data. There are three
general classifications of data: high risk, confidential, and public.

High risk classification: data that is protected by legal governing bodies,
as well as payroll and human resources data, falls into this classification.

Confidential classification: data that is not protected by legal governing
bodies, but should be protected from non-authorized disclosure, falls
into this classification.

Public classification: data that is free to be shared with the public falls
into this classification.

Using these steps, Learning Team D is certain KFF will be able to put in place strong
security policies that will ensure all business users and IT understand
how data is stored digitally within the organization.








