Information Security and Ethics Essay Example | Topics and Well Written Essays - 1000 words

Information Security and Ethics - Essay Example professional ethics plays crucial role in helping information tribute measures professional to execute their duty. However, to ensure maximum information security, organizations need to institute relevant legislations to guard against information security breach. This paper explores policies and mathematical function that organizations should implement to secure their confidential information. It is crucial that security forms an integral part of organizational culture. Protecting the crocked from possible information security breach should be a major focus of the companys operational process. To achieve this, security policies or e-policies provide the fundamental framework for an organization to beef security over its crucial information. Security policies ar regulations that outline how organizational information are supposed to be used in executing daily organizational tasks and also dictate who is authorized to entryway what information. What atomic number 18 Security Policies or e-policies? A security insurance can be referred to as a chronicle that gives guidelines on how an organization intends to protect its physical as well as information technology assets. consort to Ciampa (2010), a security policy refers to a instrument that outlines the protections that should be enacted to ensure the organizations assets saying minimal risks.An organizations security policy is usually referred to as a living document because it is continuously upgraded to meet emerging organizational challenges in the face of organizational change and evolving employee requirements. The security policy of an organization usually reflects on policy implementation requirements and possible corrections in case loopholes are detected (Ciampa, 2010). Recommended Information Security Policies for Organizations Control over Access to Computer Rooms In coiffure to ensure high level security for crucial organizational information , computer entourage should be unbroken under lock and key at all times. Computer rooms should have doors fitted strongly and work by security officers at all times. In addition to locking computer rooms, there should be security officers deployed to man the doors to main information areas. Only authorized personnel should accession such(prenominal) rooms through user authentication process. Use of Passwords and Authentication Procedures The organization should have documented guidelines to control access over its crucial information areas. All computers in the organization should have passwords in relation to security demands. These guidelines need to be assessed on regular intervals. The guidelines should have password requirement and control the storage of such passwords. All users of information accessing information system of the company must be authenticated. Individuals who are authorized to access company information should have unique blend of usernames and passwords to bar unauthorized personnel or outside(a) intruders from gaining easy access to the organizations private information. Information users are held responsible for the usage of their passwords and usernames, which they should occur secret unless called upon by the chief security officer to disclose such passwords and usernames. Data Encryption policy The second policy that an organization can establish to protect its valuable information is data encryption. In recent times, there have been numerous