Network Security Policy Paper

The Internet's open nature makes it fundamental for Global Distribution, Inc. (GDI) to focus on the security of its network. As GDI moves more of its organizational activities onto the open network, it must take measures to ensure that data cannot be stolen and that information is not available to individuals who are not approved to access it. Arguably, unlawful network access by a disgruntled member of staff or an outside hacker can lead to the destruction of, or damage to, proprietary information, adversely affecting business production and obstructing the capacity to compete. Network access by unauthorized individuals can also damage relationships with clients and partners, who may question the organization's capacity to guard its private data. Thus, without a security policy, the accessibility of the organization's network can be attacked. The policy will therefore begin by examining the threats to the network and developing policies that help address them. Maintaining the policy requires enforcing a security change management practice and monitoring the network for security violations.

2.0 Policy

3.0 Scope

4.0 GDI’s Important Assets That Need Protection

Often the most valuable assets in an organization are not the heavy equipment or moving parts on the factory floor, but the intangible assets woven throughout the organization's fabric. Fundamentally, it is these proprietary, intangible assets that help GDI differentiate itself from competitors. Intangible assets such as trade secrets, intellectual property, customer lists, pricing formulas, recipes, business plans, and the like are characteristically the basis on which an organization is built in a business world filled with copycat competitors (Macfarlane et al., 2012). Because these assets cannot be physically bolted down, the business must be astute in developing a policy to secure them appropriately, which in turn enables the organization to grow and flourish against its competitors. Some of the important GDI assets that need protection include: Asynchronous Transfer Mode switches, closet switches, network routers, the external e-mail server, DNS and DHCP servers, ISDN or dial-up servers, the Oracle database, the firewall, and the internal e-mail server (Unal & Caglayan, 2013).

5.0 Risk Assessment

6.0 Network Security Policies Needed By GDI

6.1 Analogue/ISDN line policy: will describe the standards for using analogue and ISDN lines to send and receive faxes and to connect PCs (Paquet, 2013).

6.2 Remote access policy: will define the standards for connecting to the company network from any host or network outside the organization.

6.3 Personal communication device policy: will identify the data security requirements for personal communication devices, such as smartphones, voicemail, and tablets.

6.4 VPN security policy: will define the specifications for remote-access Layer 2 Tunnelling Protocol (L2TP) or IP Security (IPSec) VPN links to the company network.

6.5 Information sensitivity policy: will define the requirements for classifying and protecting data in a manner appropriate to its level of sensitivity (Paquet, 2013).

6.6 Global web server policy: will define the standards required of every web host, such as ISO 27001, which specifies mandatory requirements for putting in place an Information Security Management System (ISMS).

6.7 Application service provider (ASP) policy: will define the minimum security criteria that an ASP must meet before the company uses its services on a project.

6.8 Router and switch security policy: will describe the minimum security configuration standards for switches and routers within the organization's production network or used at a production level (Paquet, 2013).

6.9 Wireless communication policy: will describe the standards for wireless systems that are used to connect to the company's networks.

6.10 Network access standards: will define the standards for secure manual port access for all wired and wireless data ports of the network.

6.11 Database credentials coding policy: will describe the specifications for securely storing and retrieving database usernames and passwords.

6.12 Automatically forwarded email policy: will document the policy restricting automatic email forwarding to an external destination without prior approval from the appropriate manager or administrator (Paquet, 2013).

 


7.0 Data Classification

Data classification will be used to support appropriate controls for protecting the privacy of data. Regardless of classification, the accuracy and integrity of every information classification must be protected. The classification assigned and the associated controls applied will depend on the sensitivity of the data. In essence, data must be classified according to the most sensitive element it contains, and data recorded in several formats will carry the same classification regardless of format (Karyda et al., 2005). In this regard, the following levels are to be used when classifying data:

7.1 Confidential Data

7.2 Internal Data

7.3 Open Data

8.0 Computer and Data Control

All involved data and computer systems are assets of Global Distribution, Inc. and must be protected from misuse, unauthorized use, and destruction. Such security measures may be software-based, manual, or both.

8.1 Software Ownership: All computer software developed by GDI employees or contract staff on behalf of GDI, or licensed for GDI use, is an asset of GDI and must not be copied for use at employees' homes or any other site, unless otherwise specified by the license agreement.

8.2 Installed Software: Every software package installed on networks and computers in GDI must comply with the applicable licensing agreements and restrictions and with GDI's software acquisition policies (Unal & Caglayan, 2013).

8.3 Virus Security: Virus-checking systems approved by Information Services must be deployed using a multi-layered approach that ensures every electronic document is appropriately scanned for viruses. Furthermore, users are not authorized to turn off or disable virus-checking systems.

8.4 Access Controls: Electronic and manual access to GDI's private and in-house data and computing resources will be controlled. To ensure appropriate levels of access by internal employees, a number of security measures will be introduced as recommended by the Information Security Officer (ISO) and approved by GDI. Mechanisms to control access to GDI's private and in-house data will include authorization (Macfarlane et al., 2012).

8.4.1 Authorization: Access will be granted on a “need to know” basis and must be approved by the application owner and the immediate supervisor, with the assistance of the ISO. Any of the following methods are acceptable for providing access under this policy:


References

De Albuquerque, J.P., Krumm, H. & de Geus, P.L., 2010. Formal validation of automated policy refinement in the management of network security systems. International Journal of Information Security, 9(2), pp.99-125.

Karyda, M., Kiountouzis, E. & Kokolakis, S., 2005. Information systems security policies: a contextual perspective. Computers & Security, 24(3), pp.246-60.

Macfarlane, I. et al., 2012. Formal security policy implementations in network firewalls. Computers & Security, 31(2), pp.253-70.

Odom, W., 2013. Security Policies > Network Security Concepts and Policies. Cisco Press, 5 February. Retrieved August 9, 2013, from http://www.ciscopress.com/articles/article.asp?p=1998559&seqNum=3

Unal, D. & Caglayan, M.U., 2013. A formal role-based access control model for security policies in multi-domain mobile networks. Computer Networks, 57(1), pp.330-50.

 
