Network Security Policy Paper

1.0 Objective

The Internet's open nature makes it fundamental for Global Distribution, Inc. (GDI) to focus on its network security. As GDI moves more of its organizational activities to the open network, it must take safety measures to make sure that data cannot be stolen and that information is not available to individuals who are not approved to access it. Unlawful network access by a discontented member of staff or an outside hacker can lead to destruction of or damage to proprietary information, negatively affecting business production and obstructing the capacity to compete. Network access by unauthorized individuals can also damage relationships with clients and partners, who may question the organization's capacity to guard its private data. Thus, without a security policy, the availability of the organization's network can be attacked. The policy will therefore begin by examining the threats to the network and developing policies that can help address them. Maintaining the policy requires enforcement of a security change management practice and monitoring of the network for security violations.

2.0 Policy

  • It is the policy of Global Distribution, Inc. (GDI) that data, in every one of its forms (on paper, verbal, printed, or recorded by electronic means), will be secured from unintentional or intentional unauthorized alteration, destruction or disclosure throughout its life cycle. This security entails a suitable level of protection over the tools and software employed to develop, store, and transmit that data.
  • Every policy and process has to be documented and made accessible to the persons responsible for their enforcement and compliance. Every activity identified by the procedures and policies must also be documented. Every document, which may be stored electronically, should be retained for a period of not less than six years after its initial creation or, for the policies and processes, after modifications are completed. Every document must be reviewed periodically for currency and suitability, at an interval to be decided by all entities in GDI.
  • At the individual and/or unit level, additional standards, policies, and procedures will be formulated detailing the implementation of this policy and set of standards, as well as addressing any additional IS functionality in that department. Every department-level policy must be consistent with this policy, and every system adopted after the effective date of these policies must comply with the policy provisions where feasible.
  • The scope of data security covers the protection of the Confidentiality, Integrity, and Availability of information.
  • The framework for managing information security in this policy applies to every Global Distribution, Inc. (GDI) entity and worker, as well as other involved individuals and every involved system throughout Global Distribution, Inc.
  • This policy and all standards apply to all protected information.

3.0 SCOPE

4.0 GDI’s Important Assets That Need Protection

Often the most valuable assets in an organization are not the heavy equipment or moving parts in the plant, but rather the intangible assets woven throughout the organization’s fabric. It is these proprietary and intangible assets that can help GDI differentiate itself from competitors. Intangible assets such as trade secrets, intellectual property, customer lists, pricing formulas, recipes, and business plans are typically the foundation on which an organization is built in a business world filled with copycat competitors (Macfarlane et al., 2012). Because these assets cannot be physically bolted down, the business must be astute in building a policy to secure its intangible assets appropriately, which in turn enables the organization to grow and flourish against its competitors. Some of the important GDI assets that need protection include: Asynchronous Transfer Mode switches, closet switches, network routers, the external e-mail server, DNS and DHCP servers, ISDN or dial-up servers, the Oracle database, the firewall, and the internal e-mail server (Unal & Caglayan, 2013).

5.0 Risk Assessment

  • Modern networks are very large, highly interconnected, and run both ubiquitous protocols (like IP) and proprietary protocols. For that reason, they are often open, and a potential attacker can with relative ease connect to, or remotely access, such networks. Widespread IP internetworking increases the likelihood that more attacks will be carried out over large, heavily interconnected networks, like the Internet (Karyda et al., 2005).
  • Computer applications and systems connected to such networks are becoming more and more complex. From a security standpoint, it becomes more difficult to analyze, secure, and properly test the security of those applications and systems. When such applications and systems are connected to large networks, the risk to computing increases dramatically (Macfarlane et al., 2012).
  • Even though worms, viruses, and attackers dominate the headlines about information security, risk management remains the most important aspect of security architecture design for system administrators. Risk management, a less exciting and glamorous area, is based on specific concepts and principles that relate to asset protection and security management.
  • Some of the vulnerabilities that GDI can be exposed to include design errors, policy flaws, protocol flaws, software vulnerabilities, misconfiguration, the human factor, and hostile code.

6.0 Network Security Policies Needed By GDI

6.1 Analogue/ISDN Line Policy: will define the standards to use for ISDN and analogue lines for sending and receiving faxes and for connection to PCs (Paquet, 2013).

6.2 Remote Access Policy: will define the standards for connecting to the company network from any network or host outside the organization.

6.3 Personal communication device policy: will define the information security requirements for personal communication devices, such as smartphones, voicemail, and tablets.

6.4 VPN Security Policy: will define the requirements for remote-access Layer 2 Tunnelling Protocol (L2TP) or IP Security (IPSec) VPN connections to the company network.

6.5 Information sensitivity policy: will define the requirements for classifying and securing data in a manner appropriate to its level of sensitivity (Paquet, 2013).

6.6 Global web server policy: will define the standards required of every web host, such as ISO 27001, which specifies mandatory requirements for putting in place an Information Security Management System (ISMS).

6.7 Application service provider (ASP) policy: will define the minimum security criteria that an ASP has to meet before the company uses the ASP's services on a project.

6.8 Router and switch security policy: will define the minimum security configuration standards for switches and routers within the organization's production network or used in a production capacity (Paquet, 2013).

6.9 Wireless communication policy: will define the standards for wireless systems that are used to connect to the company's networks.

6.10 Network access standards: will define the standards for secure physical port access for every wireless and wired data port of the network.

6.11 Database credentials coding policy: will define the requirements for securely storing and retrieving database usernames and passwords.

6.12 Automatically forwarded email policy: will document the policy restricting automatic email forwarding to an external destination without prior approval from the appropriate administrator or manager (Paquet, 2013).

 


7.0 Data Classification

Data classification will be used to support appropriate controls for protecting the privacy of data. Regardless of classification, the accuracy and integrity of all classified information will have to be protected. The classification assigned and the associated controls applied will depend on the sensitivity of the data. Data must be classified based on the most sensitive element it contains, and data recorded in several formats will have the same classification regardless of format (Karyda et al., 2005). The following levels are to be used when classifying data:

7.1 Confidential Data

  • Confidential data is extremely important and highly sensitive material. This data is by nature private or otherwise sensitive and must be limited to those with a legitimate business need for access.
  • Examples of confidential data may include: personnel data, key financial data, data file encryption keys, system access passwords, and proprietary data of commercial research sponsors.
  • Unauthorized disclosure of this data to individuals without a business need for access may violate laws and regulations, or can cause significant problems for GDI, its clients, or its business partners. Decisions about granting access to this data must always be cleared by the data owner (Unal & Caglayan, 2013).

7.2 Internal Data

  • Internal data is intended for unrestricted use within Global Distribution, Inc., and in some cases within affiliated companies such as Global Distribution, Inc. business partners. This type of data is already widely distributed within Global Distribution, Inc., or it may be distributed within the organization without advance permission from the data owner.
  • Examples of internal data may include: internal procedures and policies, employee directories, and internal e-mail messages.
  • Any data not explicitly classified as GDI, Public or Confidential will, by default, be classified as Internal data.
  • Unauthorized disclosure of this data to outsiders may not be appropriate because of contractual or legal provisions (De Albuquerque et al., 2010).

7.3 Open Data

  • Open data has been specifically approved for public release by a designated authority in each entity of Global Distribution, Inc.
  • Examples of open data may include: marketing brochures and material posted to Global Distribution, Inc. entity web pages. This data may be disclosed outside of Global Distribution, Inc.

8.0 Computer and Data Control

Every involved data and computer system is an asset of Global Distribution, Inc. and must be protected from misuse, unauthorized exploitation, and destruction. Such protection measures may be software and/or physical based.

8.1 Software Ownership: All computer software developed by GDI workers or contract staff on behalf of GDI, or licensed for GDI use, is an asset of GDI and must not be copied for use at workers' homes or any other site, unless otherwise specified by the license agreement.

8.2 Installed Software: All software packages installed on networks and computers in GDI must comply with the applicable licensing agreements and restrictions and must comply with GDI's software acquisition policies (Unal & Caglayan, 2013).

8.3 Virus Security: Virus-checking systems approved by Information Services have to be deployed using a multi-layered approach that ensures every electronic document is properly scanned for viruses. Users are not authorized to turn off or disable virus-checking systems.

8.4 Access Controls: Electronic and physical access to GDI, confidential and internal data and to computing resources will be controlled. To ensure appropriate levels of access by internal employees, a number of security measures will be introduced as recommended by the Information Security Officer and approved by GDI. Mechanisms to control access to GDI, confidential and internal data will include authorization (Macfarlane et al., 2012).

8.4.1 Authorization: Access will be granted on a “need to know” basis and must be authorized by the application owner and the immediate supervisor with the assistance of the ISO. Any of the techniques below are acceptable for providing access under this policy:

  • Role-based access: An alternative to traditional access control models (such as discretionary or non-discretionary access control policies) that permits the specification and enforcement of business-specific security policies in a way that maps more naturally to GDI's structure and business activities. Each user is assigned to one or more predefined roles, each of which has been assigned the various privileges needed to perform that role.
  • Context-based access: Access control based on the context of a transaction (as opposed to being based on attributes of the initiator or target). The “external” factors may include user location, time of day, and strength of user authentication (Karyda et al., 2005).
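
One way to express the classification rules of section 7.0 together with the role-based and context-based techniques above is shown below. This is an added example, not part of the original paper; the field labels, role names, and context thresholds (business hours, MFA as the measure of authentication strength) are assumptions.

```python
from dataclasses import dataclass
from datetime import time
from enum import IntEnum

class Level(IntEnum):          # the three ranks from section 7.0
    OPEN = 1
    INTERNAL = 2
    CONFIDENTIAL = 3

# Constructed field labels (assumption); unlabelled fields fall back to INTERNAL.
FIELD_LEVELS = {"catalogue_text": Level.OPEN, "staff_directory": Level.INTERNAL,
                "payroll": Level.CONFIDENTIAL, "db_password": Level.CONFIDENTIAL}
# Hypothetical roles, each mapped to the highest level it may read.
ROLE_CLEARANCE = {"employee": Level.INTERNAL, "hr_officer": Level.CONFIDENTIAL}

def classify(fields):
    """A record takes the level of its most sensitive field; default is INTERNAL."""
    return max((FIELD_LEVELS.get(f, Level.INTERNAL) for f in fields),
               default=Level.INTERNAL)

@dataclass
class Context:                 # the "external" factors of context-based access
    on_site: bool
    at: time
    mfa: bool                  # stands in for strength of user authentication

def context_allows(level, ctx):
    """Assumed thresholds: stricter context as sensitivity rises."""
    if level == Level.CONFIDENTIAL:
        return ctx.mfa and ctx.on_site and time(7, 0) <= ctx.at <= time(19, 0)
    if level == Level.INTERNAL:
        return ctx.on_site or ctx.mfa
    return True                # open data is approved for public release

def authorize(roles, fields, ctx):
    """Return (allowed, reason); both the role and the context check must pass."""
    level = classify(fields)
    # Unknown roles add nothing; everyone may read OPEN data.
    clearance = max((ROLE_CLEARANCE.get(r, Level.OPEN) for r in roles),
                    default=Level.OPEN)
    if clearance < level:
        return False, f"role clearance below {level.name}"
    if not context_allows(level, ctx):
        return False, f"context not acceptable for {level.name}"
    return True, f"granted at {level.name}"
```

The returned reason string is suitable for an access log, so that every denial records whether the role or the context caused it.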


References

De Albuquerque, J.P., Krumm, H. & de Geus, P.L., 2010. Formal validation of automated policy refinement in the management of network security systems. International Journal of Information Security, 9(2), pp.99-125.

Karyda, M., Kiountouzis, E. & Kokolakis, S., 2005. Information systems security policies: a contextual perspective. Computers & Security, 24(3), pp.246-60.

Macfarlane, I. et al., 2012. Formal security policy implementations in network firewalls. Computers & Security, 31(2), pp.253-70.

Odom, W. (2013, February 5). Security Policies > Network Security Concepts and Policies. Cisco Press: Source for Cisco Technology, CCNA, CCNP, CCIE Self-Study. Retrieved August 9, 2013, from http://www.ciscopress.com/articles/article.asp?p=1998559&seqNum=3

Unal, D. & Caglayan, M.U., 2013. A formal role-based access control model for security policies in multi-domain mobile networks. Computer Networks, 57(1), pp.330-50.

 
