The goal of access control policies is to prevent data from being leaked to an

The goal of access control policies is to prevent

This preview shows page 13 - 15 out of 15 pages.

answer is no then access is prevented. The goal of access control policies is to prevent data from being leaked to an unauthorized individual inside or outside the business. Workstations will be secured by utilizing timeout features that return the station to a screen saver and/or idle screen. The idle screen in question will require the user to input their password to log back in as a result of the inactivity. In addition to this should remote access be required the user must utilize a VPN along with multi-factor authentication. Physical access must be secured for any devices on site such as ID access to secure areas during and outside of business hours. Given the current size of the business enhanced security should suffice to protect assets such as ID access, electronic locks, and video cameras. If anyone that is not an employee wants to gain access to privileged areas it will require written approval from management and be logged prior to the visit. These policies will help ensure only the right individuals have access to the right devices protecting the network and data stored within. User Policy Basic user policies will be put into place for passwords, email, software installation, messaging, and workstation configuration. Passwords should never be written down under any circumstances and should be kept to a minimum complexity standard. Internet use is also important so anything inappropriate will not be accepted for browsing. This includes any illegal activity, business for another job, searching for a new job, shopping or any personal business while on the clock, and finally anything pornographic. Email attachments should also never be opened from an unknown receiver or co-worker unless
Image of page 13
the email is digitally signed. Software installation or removal must be approved by the IT department. If for any reason a user requires additional software a request can be submitted and at that point it will be determined if it is required to do their job or will make the job more efficient. Desktop configuration should also be done by the IT department. This includes changing screensavers, backgrounds, and downloading images from the internet. If for any reason these policies are broken the initial incident will result in a verbal warning or possibly more severe based on the incident. Additional incidents will lead to written warnings or a possible termination of employment. References
Image of page 14
1) Anti-Virus Policy. (n.d.). Retrieved from 2) Beaver, K. (n.d.). Check IT List: How to prevent spyware. Retrieved from - spyware 3) Adware. (n.d.). Retrieved from 4) “Hardening IIS.” OWASP, . Kumar, Chandan. “10 Best Practices To Secure and Harden Your Apache Web Server.” Geekflare, 1 Mar. 2018, geekflare.com/10-best-practices-to- secure-and-harden-your-apache-web-server/.
Image of page 15

You've reached the end of your free preview.

Want to read all 15 pages?

  • Fall '19
  • Computer Security, Web server, Transmission Control Protocol, TCP and UDP port

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask You can ask (will expire )
Answers in as fast as 15 minutes