Violating confidential and contractual obligations as

This preview shows page 3 - 6 out of 15 pages.

violating confidential and contractual obligations as well as the loss of proprietary data that allows the company to remain competitive in the marketplace. 2.External user sends phishing emailsInternal users maintain a certain knowledge of company business that is critical to its overall success. If an external user were to obtain this confidential, proprietary information by phishing, the company can risk a devastating security breach of data. Phishing allows an external user to obtain sensitive information in order to access
MMT2 Task 34protected data by introducing malware or a virus. If the company is not utilizing effective strategies to strengthen the security policy, they make it easier for an external user to access email and attack their network. This could lead to phishing attacks that weaken the secured system. B. The effectiveness of AEnergyCompany’s security policies in regard to security threatsIT security policies can provide a foundational framework for managing technologies. They help to keep order and allow an organization to achieve its goals. With effective IT securitypolicies threats can be minimized, security breaches prevented, and an organization can manage risks. Aenergy’s policies were created for data security, accounting security, and employer security. The following will be an examination of each policy’s effectiveness in regard to security threats.Data SecurityAenergy’s employees, clients, partners, and venders must follow protocols set by Aenergyin order to diminish threats and to reduce the risk of proprietary data being given to unauthorized internal and external users. It also ensures data removed from the company physically or electronically is also classified to prevent unauthorized copying, forwarding, or any other means of sharing.Their data security policy covers both electronic data and paper-based data for internal users and external users. Aenergyutilizes strong passwords, trend analysis, access controls, and system monitoring to safeguard and implement the data security policy. The signature page of the data security policy allows the responsible party to be accountable to the requirements set forth in the data security policy. Upon receipt of acknowledgement, the company has documentation the responsible party is aware that any violation of the data policy
MMT2 Task 35can result in consequences. This policy’s main goal is user’s awareness and data loss or even leakage prevention.Accounting SecurityInternal users are given passwords and user profiles to be monitored closely as stated in the accounting security policy. This is to secure the data on the network or system from data loss breaches. The website also collects user information in an effort to monitor and track external users’ usage. If a user does not enable cookies, thus denying the ability of the company to track them, they could lose some functionality of the website. This is a deterrent for many users as if

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture