Wednesday, June 5, 2019
GDI Security Policy Document
GDI Security Policy Document1.0 IntroductionThis gage system policy document offers a suitable summary of the state of security concerns with the presentin mention mountain and no alteration of the information contained herein is whollyowed without the consent of the Global Distribution Inc. The document offers a brief outlay of the corporation and the structures of its state of security as well as propositions set in order to ensure a safe, secure and limpid caterpillar tread of the GDI for the best client trust and satisf goion.1.1 The Corporations BackgroundGlobal Distribution Inc. (GDI) is an internally recognized firm whose core objective is to acquaint security smooth electronic oriented assets from sellers to buyers as well as from manufactures to clients. The GDI headquarters is in the Central Business of the Washington DC in the fall in States of America and all its outlets in major cities all over the world, including cities in European nations, Africa, the Asian continent as well as the Far East, be controlled by means of a protected signal mode of communication which relies on the expertise of the best IT brains in the world. In its modest structure of operation, The GDI acts as a shipping corporation, although its operations and client trust rests on an ultra-modern state of cyber and advanced computer security platform. Just to mention, the corporation contracts in shipping high security electronic cards, gadgets, personalized fingerprint devices as well as fine secret machinery such as ultra-modern Military machinery in general among others. These electronics contain coded closed-door information and the process of successful business of GDI relies on IT expertise right from its website to its employees.1.2 Problem statementThe preparation of this document was elicited by the wiki leaks concerns that the GDI servers had been hacked by cyber criminals whose intentions were to meet certain targeted countries national banking and sec urity information in the wake of uprising terrorism and cyber thieving. The GDI officially confirms that these claims ar valid although the attempts of the attackers were counteracted by the corporations maculate computing team through the intrusion detection systems. Owing to the fact that most of the assets which are handled by the GDI are airlifted to set destinations and huge quantities of such be shipped through the sea worldwide, the awakening remindments of terror and piracy both physical and cyber based has elicited, we, the top secret management of the GDI to release this document as an act of assurance to our esteemed clients. Also, considering that possible employee interference with clients information may occur, the issue of security, and thus documenting it to the target relevant clients is a matter of great importance.2.0 Important Assets for GDIThe GDI relies on a variety of assets in its daily activities which are security oriented in all trends of their ope ration. For instance, the corporation owns a fleet of customized aircrafts and modern ships whose controls are computer based. For instance, the cargo compartments are code operated and rely on the doctrine of one time password which is generated at the headquarters. The beau monde also stocks secure servers which are intended to prevent hackers from accessing the corporations database (Laughlin, 2012). Also, the password transmission technology relies on an expiring ping signals which deters forth and back tracing by cyber insurgents. Behind the GDI security is a pile of super computers, stationed in different parts of the world and secret and secured locations, and whose input to the communication and secrecy of the corporation is immense. The corporation also harbors versatile human assets which as mentioned earlier is a team of specially trained coder and hackers. Important to note is that the corporation owns the clients good in transit and is accountable for retaining the s ecurity encrypted within the goods. Most of the times, the sellers and manufactures entrust the GDI with the duties of configuring information as required for the devices. The greatest challenge of retaining security of the information which circulates within these systems is that they are prone to cyber intrusion by malicious individuals as well as firmware.3.0 Security Architecture for GDIThe GDI puts its utmost trust within the following hierarchy or rather mountain chain of command when it comes to its security matters. The top entrusted individual is the companys chief executive officer who doubles as the president of the company. The second in the descend order are the CEOs vice presidents. Stemming down in that order are the Executive assistants who in turn issue orders to the managers. Most most-valuable to note is that these managers are specially trained IT and coding experts whose mandate is to ensure privacy of data and other credentials are upheld.The security of the servers is ensured through the new-made versions of the intrusion detection systems. In a brief overview, intercommunicate intrusion systems collect network traffic for analysis and detection. Packets are ordinarily intercepted as they move across the network between a number of hosts. The packets already intercepted are compared with a database that contains known signatures and any anomalous activity suggestive of malicious behavior is highlighted (Di Mancini, 2008). This way, our IT experts are able to check for intruders. However, the coding of the information contained in the gadgets is encrypted through the use of the supercomputers and every dispatch set encrypted with a one-time password which is sent in coded format once consignment reach destination.4.0 Ten Possible Security PoliciesThe GDI has identified that just like any other business entity it owns assets which are seek after by others. The others in this case entail competitors, hackers, criminals or even its e mployees. Due to this reason, the GDI has keynoted the importance of reshuffling its security policies. It is these security policies which outline the company rules and procedures which facilitate protect its assets from intruders. The items in the GDIs context encompass data and the valuable electronics which include ATM sets and ATM cards. Most important, these security policies shall help define the companys communication structure for the safe destination of its goals. Generally speaking, security, policies entail a governing, technical and end-user policies, all of which ought to be observed. The case for GDI is quite complex and ambitious since it ought to consider online and offline platforms bearing in mind its clients and its internal community. In this case, the possible security policies include Incidence response security policy (Security Response programme Policy), Audit/Risks assessment, security Policy, Computer Security Policy, Emails Security Policy, , Internet Security Policy, Personal devices and Mobile Security Policy, Networks, Security Policy, Physical Security Policy, Application policies, horde Security Policies, password Security policy and Wireless (Wi-Fi) Security Policy (Greene, 2006).5.0 Details and Rationale of the Ten Security PoliciesThe security policies listed under the preceding member would therefore be considered as outlined below within the GDI security system. Firstly, owing to the fact that much of the data are in softcopy format and duplicate through web data transfer protocols which then calls for sound rules.Incidence response security policyUnder this security policy, the GDI aims to ensure that sound fire of handling an encroachment by foreign individuals is handled at the preventive stage. The seriousness of this matter demands keen attention as most of the data and communication cling of the GDI is transmitted through VPNs and encrypted via Trusted Computing Based internal networks. This means that once a n intruder manages to hack the system, data will be accessed. Early provision and response policy is therefore critical.Physical security policyGenerally, physical security policies usually encompass on ensuring that the computer systems and other assets are not physically tampered with in an organization. This for instance ensures that all removable data carrying drives are not accessed manually and made away with. Cases of fire are also considered here and a alley map to addressing the same offered.Personal gadget and mobile device security policiesThis security policy aims to restrict the importing of data by any employees from the central network for any unaccounted reasons. Communication and device usage in the streams of analogue as well as ISDN lines policy need view a clear outline Define Also, image capturing devices would be a threat cause getting an image of the security centers would give intruders a road map to break into them.Server Security PoliciesAn international corporation like the GDI would definitely focus to ensure that its servers are well secured. This can be through the hiring of professional hackers and cloud computing expatriates in all ways keep testing the system and ensure that the ISP and VPNs are secure (Laughlin, 2012)..Wi-Fi Security policiesMany organizations usually install wireless networks within their premises for the fast and convenient communication among the employees. However, the focus ought to be placed on such networks as they can intimately be configured by hackers to and give an entry point to the organization enabling them to steal data. Thus, protecting such Wi-Fi networks are very critical.Passwords security policiesThese policies more often than not outline the formal protocols in which the corporate management ensures its how its passwords are safe and the chain of command in handling and usage of the same. A legal beat has to be set in place for accountability.Remote Access security policiesThis gener ally denotes the degree the surrounding community could manage to use say the Wi-Fi of a corporation. At times, when the workers are housed within the corporations premises, they usually are given passwords to access the corporations wireless network which can be vulnerable to network hackers.Computer Security policiesThe usage of both the super computers and personal computers in a multinational organization need clear guidelines since computers are very sensitive since they offer the weakest link for accessing company information. The case for GDI is similarly sensitive and more vigilant on the same since its assets are computer integrated.Data recovery and championship security policiesThese define the procedures for recovering data in case of a systems breakdown or any unexpected malfunctioning of the network devices. This would position a corporation at the vantage of all time data security.Administrators security policiesThese security policies aim at outlining how security c oncerns which entails top secrets and data sharing and circulation changes work force within the top management. Generally, most institutions provide for a hierarchical flow of data and security details from the chief executive officer to the lowest take employee in the corporation for exampleApplication policiesLast but not least, it is important to appreciate that some organizations usually develop their web applications which can be downloaded and installed by third party and clients. For instance, this could be an application regarding the tracking of items under transit, say under shipment. This can be especially prone to piracy and theft of physical assets. It is under this security policy, such matters are turn to.6.0 Ten Security Policies that should be applied to GDIThe success of any international corporation that handles huge volumes of critical data depends on the statement of policies and implementation of such. For instance, virtually all the discussed policies unde r section 5 offer a clear insight that the GDI has to apply its running to all the security policies. For instance, a summarized opinion would simply show that all the policies target ensuring data security which is the core reason as to why all need be applied for the safe and efficient running of the corporations activities and operations. Password security policies coupled with administrators security polices for instance, offer a way of addressing the commonest ways of ethical data handling and accountability would be pronounced. Likewise, the application policies ought to have clear rules of usage since without keen attention, the GDI can fall victim of organism intruded and hacked. Data Backup and recovery security policies ought to be implemented since the corporation is data and information oriented. A good system being in tool would make things better for the company. Internet, email, personal computer as well as mobile device usage, security policies within the premises b y the employees ought to be addressed and applied in the GDI on an advanced scale since most of the communications could be tapped via these avenues. The fact that the GDI organizes its infrastructure right from programs to gadgets and machinery under the control of networks therefore dictates and calls for an step up concern for all the ten security policies.7.0 ConclusionThe GDI Corporation handles huge amounts of sensitive assets and data and thus its reliability by clients rests on the team the corporation has especially the coders. In order for the GDI to run safely and secure without fear of being hacked despite its wide usage of coded data, its skilled staff ought to stay on high alert (Laughlin, 2012). Also, for effective and sustainable safety of clients data, the various security policies described shall be implemented. This way, the recent threats of attempted intrusion into the GDI servers would be minimized with greater clients satisfaction. youngs such as those witne ssed recently on wiki leaks would be a thing of the past in the GDIs context.ReferencesDi, P. R., Mancini, L. V. (2008).Intrusion detection systems. New York Springer.Greene, S. S. (2006). Security policies and procedures Principles and practices. Upper Saddle River, N.J Pearson Prentice Hall.Laughlin, C. (2012). Guide for servers. Chicago, IL Liturgy Training Publications.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment