Depending on the situation, IT disaster recovery is a stand-alone concern or part of a broader business continuity effort. This considers types of backup sites, office PCs, and the restoration of data and programs. IT disaster recovery looks specifically at the technical aspects of how a company can get IT back into operation using backup facilities. IT disaster recovery is a business concern because decisions that seem purely technical may have major implications for the business that IT professionals may not accept and should not have the authority to make.
Review information assurance policy templates via the SANS policy template site (https://www.sans.org/security-resources/policies), your Course Project 1 feedback, and select a template of your choice; such as the General / Acceptable Encryption Policy to download either the doc or pdf file. Utilize the downloaded template, from the SANS Policy website, your Course Project 1 feedback, and the Course Project Grading Rubric as a guide to provide a 5-page write-up presenting an information assurance policy of your choice for a hypothetical company or an existing organization of your interest. You will need to have the following components included in your proposed information assurance policy:
Overview
Purpose
Scope
Policy Compliance
Related Standards
Definitions
Terms
Discuss each component and the specific information to be included within each section of the policy.
Elite bet betting company have a fair use policy as one of their information assurance policyWillett, K. D. (2008). It is illegal to use any information about the company without the patent rights for using the datna. According to Ventre, D. (2012)an information assurance policy refers to the formulated guidelines that govern the use of specific information within the company such that all the users of the organization's data are monitored by the organization's system hence prevent hackers from unauthorized access to the company's information.
According to United States. (2013) , the acceptable use policy was formulated by SANS Institute for all the internet users and is freely applicable in any organization
The acceptable policy was not intended to restrict the company from enjoying their culture of openness, trust, and integrity(Susilo, W., & Mu, Y. 2014), It seeks to protect the employees, partners and elite bet company from disallowed or damaging actions either purposely or unintentionally from individuals within or outside the organization. Schou, C., & Shoemaker, D. (2007) states that the policy acknowledges the ownership of; the software, URL, the internet/intranet/Extranet-related systems by the company. The systems are mainly meant to facilitate business operations for the company for the achievement of the company's set objectives. The system run by the organization should also be used for the interest of the customers in the course of their normal business operations in gambling.According to the Royal College of Psychiatrists. (2010), All the employees have the responsibility of protecting the company's information for the adequate security of the data.
The policy is meant to highlight the adequate security measures when dealing with the company's information systems(Rowlands, I. 2012). The company has come up with various ways to protect the information from unauthorized access such as the provision of a password for logging in by the employees. , the antivirus systems have to be installed to protect the systems from virus attacks, and cybersecurity systems have also been established in the company's software to prevent the compromisation of the network systems, services, and legal issues(Papanicolas, I., & Smith, P. 2013).
Lee, D. H., & Workshop on Information Security Applications. (2012) state that the policy applies to information which might be electronic and also its implemented in the usage of computer devices and resource networks to facilitate gambling activities for elite bet subscribers and through interaction with other network systems that provide live score updates and how the matches are fairing. According to Keyser, T., & Dainty, C. (2018),the contractors, consultants and all the other employees are responsible for exercising good judgment in line with the correct use of information, the electronic devices within the company and network resources as per the company’s stipulated policies. The policy applies to all the company assets.
Grieves, M. (2012) states that all the employees for elite bet company have to comply with the stipulated policy in the following ways:
All the information and the assets are the company property and should be protected
All the individuals have the mandate to report them immediately
theft, loss or unauthorized access to the private company information
Necessary information should always be used when accomplishing the company's assigned tasks
Purpose
Various departments within the company are responsible for creating the guidelines regarding personal internet usage
Authorized personnel within the company should monitor the internet usage for security and network maintenance purposes.
Auditing of the network systems should be done regularly to ensure compliance with the stipulated rules and regulations.
System-level and user level passwords must comply with the Password Policy for the company which provides only a single password for the users
Providing access to another individual’s portal either deliberately or through failure to secure his or her access illegal.
Every person You must lock the screen or log off when the device is unattended to prevent unauthorized access to the information
Employees are prohibited from using the organizational website for show off or posting their own issues and applies to any worker in any organization unless posting is in the course of business duties.
Employees must use extreme caution when opening email attachments from spammers due to malware invasion to the organization system.
Employees are encouraged to have an access to a host if that host is disrupting production processes so as to take immediate action(Chen, X., & Inscrypt. 2018).
Copying of materials written by others as yours and the installation of any copyrighted software for which or the end user does not have the patent rights is prohibited.
Logging into the website , a server or an account for any purpose other than conducting business, even if you have authorized access, is prohibited
Introduction of malicious programs into the network or server (e.g., viruses, worms, Trojan horses, e-mail bombs,
Sharing of your account password to others is illegal since they might share wrong information without your consent and you will end up been followed up for the mistakes you are not aware of
Misusing the company’s computers through visitation of pornographic websites is prohibited hence illegal since the information obtained might lead to secxual harassment
Manipulation of user authentication or security of any host, network or account for personal gain is prohibited
Introducing honeypots, honeynets, or similar technology on the network is illegal foer security purpose
Interuption of other organization,s network through interfering with their network systems is prohibited
Providing information about, or lists of, employees to outsiders is illegal due to security of such employees
Email and Communication Activities
According to Boyd, C., & Simpson, L. (2013), empoyees using company computers to access and use the Internet must realize that they are representatives of the company and whenever employees state affiliation to the company when giving opinions on issues relating to the company ,they must also clearly indicate that the expressed opinions are there own and not necessarily those of the companyand any issues that arise may be addressed to the IT Department of the company and violation of these policy isd illegal
Sending of spam messages to other people from the organization’s website or emailing of people with out their permission is not allowed
Harrassing others either through email, pager ,facebook or any other social platform is prohibited and is punishable by law
According to Asia Joint Conference on Information Security, & IEEE Computer Society. (2013) , Posting non business related messages to the online platform where employees discuss business issues is prohibited such as on whats app or facebook platform
It states that all the data in the system should be arranged systematically for easy retrieval of the desired information.
Security measures should be put in place to ensure that the company's critical data cannot be accessible to outsiders.
The policy stipulates that the employees should not disclose crucial facts about the company to social media for the privacy of information purpose
A computer software that enables the user to accesss the internet
Refers to an electronic device that processes the information input into output as per the user requirement
When the information is displayed to only the desired people
A set of rules and practices that specify or regulate how a system or organization provides
security services to protect sensitive and critical system resources.
Is a computer installed program that facilitates the functioning of the various computer installed applications
Electronic junk mail or junk newsgroup postings.
References:
Asia Joint Conference on Information Security, & IEEE Computer Society. (2013). AsiaJCIS 2013: 2013 Eighth Asia Joint Conference on Information Security : proceedings : 25-26 July 2013, Seoul, South Korea.
Boyd, C., & Simpson, L. (2013). Information Security and Privacy: 18th Australasian Conference, ACISP 2013, Brisbane, Australia, July 1-3, 2013. Proceedings. Berlin, Heidelberg: Springer.
Chen, X., & Inscrypt. (2018). Information security and cryptology: 13th international conference, Inscrypt 2017, Xi'an, China, November 3-5, 2017 : revised selected papers.
Grieves, M. (2012). Information Policy in the Electronic Age.
Information and Privacy Commissioner/Ontario. (2007). Your privacy and Ontario's Information and Privacy Commissioner. Toronto: Author.
Keyser, T., & Dainty, C. (2018). The Information Governance Toolkit: Data Protection, Caldicott, Confidentiality.
Lee, D. H., & Workshop on Information Security Applications. (2012). Information security applications: 13th international workshop : revised selected papers. Heidelberg: Springer.
Papanicolas, I., & Smith, P. (2013). Health System Performance Comparison: An Agenda for Policy, Information and Research.
Rowlands, I. (2012). Understanding Information Policy.
Royal College of Psychiatrists. (2010). Good psychiatric practice: Confidentiality and information sharing. London: Author.
Schou, C., & Shoemaker, D. (2007). Information assurance for the enterprise: A roadmap to information security. Boston: McGraw-Hill Irwin.
Susilo, W., & Mu, Y. (2014). Information Security and Privacy: 19th Australasian Conference, ACISP 2014, Wollongong, NSW, Australia, July 7-9, 2014. Proceedings. Cham: Springer.
United States. (2013). Homeland Security Information Network improvements and challenges.
United States. (2013). Reducing over-classification of DHS' national security information.
Ventre, D. (2012). Information Warfare. London: Wiley.
Willett, K. D. (2008). Information assurance architecture. Boca Raton: CRC Press.
To export a reference to this article please select a referencing stye below:
My Assignment Help. (2021). Information Assurance Policy For Elite Bet Gambling Company Essay.. Retrieved from https://myassignmenthelp.com/free-samples/cpsc3600-information-security-and-assurance/information-assurance-policy.html.
"Information Assurance Policy For Elite Bet Gambling Company Essay.." My Assignment Help, 2021, https://myassignmenthelp.com/free-samples/cpsc3600-information-security-and-assurance/information-assurance-policy.html.
My Assignment Help (2021) Information Assurance Policy For Elite Bet Gambling Company Essay. [Online]. Available from: https://myassignmenthelp.com/free-samples/cpsc3600-information-security-and-assurance/information-assurance-policy.html
[Accessed 22 November 2024].
My Assignment Help. 'Information Assurance Policy For Elite Bet Gambling Company Essay.' (My Assignment Help, 2021) <https://myassignmenthelp.com/free-samples/cpsc3600-information-security-and-assurance/information-assurance-policy.html> accessed 22 November 2024.
My Assignment Help. Information Assurance Policy For Elite Bet Gambling Company Essay. [Internet]. My Assignment Help. 2021 [cited 22 November 2024]. Available from: https://myassignmenthelp.com/free-samples/cpsc3600-information-security-and-assurance/information-assurance-policy.html.