Sales Toll Free:
chat off
   
inkflow
 
Home > Sample Essays > Analytical > Public Policy Issues for Privacy and Liability to Security Goals > Buy essay
← Leading With Honor The Bhopal Disaster →
Live Chat

Custom Public Policy Issues for Privacy and Liability to Security Goals essay paper writing service

Buy Public Policy Issues for Privacy and Liability to Security Goals essay paper online

Introduction

Studies indicate that while attacks on computers by outside intruders are more publicized, attacks perpetrated by insiders are very common and even more damaging.Janczewski (2008) says that being able to identify employee’s behavior that might enhance or hinder Firion’s security is significant given that today employees tend to be regarded as the weakest link of organizational security. Firion should capture the behaviors normally exhibited by employees in order to determine if they are malicious or beneficial to the company. In today’s information age and society, information technology end user communities mostly consist of employees. This fact increases the amount of human mistakes within an organization (Janczewski, 2008). Firion management should not ignore employee’s behavior because they are responsible for insuring the sensitive information’s security and privacy.   

Brief History of the Company and Industry

0
0
DAYS
:
0
0
HOURS
:
0
0
MINUTES
:
0
0
SECONDS
Discount Code

The Firion Corporation manufactures, fabricates, and sales particular jackets worn in waste dumping and additional protection interrelated applications. Located at a study laboratory near a big university, Firion Corporation manufactures latest glove blueprints and coverings, which are vended through comprehensive and small retail outlets. Firion also controls a number of plants and store in diverse parts of the country.  Firion’s Corporation expansion procedure is proprietary and if exposed to its rivals could potentially cause a momentous loss of status and income.   Security policy structure as it relates to individuals is more multifarious than procedures designed to constitute a firewall or file share authorization. Compared to computers that merely process ones and zeros, individuals need to appreciate the rationale and aim of a specific security policy.  

Human Factors related to Cyber Security Policy

The inadequacy of many existing security solutions to address real life human behavior presents the company with a set of challenges on how to better incorporate human factors into solutions (Probst, Hunker & Gollmann, 2010). Firion Corporation’s important problem is to align security policies with organization workflow, or stated simply, security should support people doing their jobs. According to Probst, Hunker & Gollmann (2010), compliance with security policies of Firion is hard; to make compliance easy for insiders is absolutely necessary for any successful effort to constrain insider threats. Probst, Hunker & Gollmann (2010) says that successful security for Firion Corporation needs to demonstrate to insiders the value of security not just the requirement for security.

Motive and intent matter a great deal but multiple motivations may map into a single intent. Policies need to be shaped and evaluated in terms of their human impact. Probst, Hunker & Gollmann (2010) indicated that the psychological contract with employees generally means that policies need to be made more manageable and that there is need to find a way of testing policies to remove redundant policies. The ideal would be a small set of consistent security policies related to behaviors, and fit with business processes and organizational values and norms. Probst, Hunker & Gollmann (2010) explained that failing to engage staff in secu8rity may be the norm, but this lack of engagement weakness security.

Security will only work for Firion Corporation when people feel that they are part of a larger community. Firion should conduct specialized internal exercises with most or all the insiders to identify both the set of useful and acceptable policies, and unique context which may result in generalized policies in conflict with organizational needs. Probst, Hunker & Gollmann (2010) noted that many suspicious activities which can be observed are correlated with insider threat behavior, but not causally linked. For the company, security is context dependent. The importance of context in addressing insider threats poses a number of challenges. According to Probst, Hunker & Gollmann (2010), capturing qualitatively the various situations that might arise in Firion is itself probably impossible, though effective dialogue between those defining security controls and those working as insiders in the company will eventually help. 

Human factor does play its own role in relation to the issues that are being posed by technology itself. Sundaram & Umarhathab (2011) indicated that all technologies alone will not be able to be utilized to its most potential without the intervention of human factor, like the policies and procedures.

Public Policy Issues for Privacy and Liability to Security goals

It is the policyof Firion to prevent and minimize disruptions to critical infrastructures and thereby protect its employees, essential and critical company information and ensure secure transmission of company information across the board. Choi & Fischer (2005) indicated that disruptions that do occur should be infrequent, of minimal duration and manageable and cause the least damage to the company. Public policy issues for privacy and liability to security goals as indicated by Choi & Fischer (2005) requires a continuous effort to secure information systems for critical infrastructure and therefore should take into account public and private partnerships.

As Firion Corporation moves to security of its information in the cyberspace, the CIO of Firion should note that most critical infrastructure is in private hands yet problems in these sectors arising from inadequate cyber security could nave implications well beyond the company itself. Choi & Fischer (2005) argues that the growing amount of personal information including financial information that is communicated through cyberspace makes it increasingly attractive to thieves and other criminals, making law-enforcement function of company more relevant to cyber security.   

Cyber Security Policy for Firion Corporation

Purpose

The purpose of this policy is to provide guidance that limits cybercrime within the company through the use of corporate, computational, functional and security baselines that have received substantial public review and have been proven to work effectively (Rittinghouse & Hancock, 2003). 

Scope

This policy applies to all Firion Corporation employees and affiliates.

Policy

The cyber security policy has three main elements which include internal policy content, a discussion on compliance and monitoring and an enforcement component (Westby, 2004). Firion Corporation employees must understand that the company’s security policies are taken seriously and set parameters for the performance of their responsibilities (Rittinghouse & Hancock, 2003). There are four levels of security policies that Firion should apply and they include corporate, functional, computing and security baselines.

Corporate security

These are overarching statements regarding the operations of Firion. This type of security seeks to cover topics such as acceptable use of technology, e-mail, use of wireless devices, remote access, protection and non-infringement of intellectual property (Westby, 2004). This section should also address digital risk management and business continuity and they should be concise, easy to understand, enforceable and static.

Functional security

Functional security will govern operational functions of Firion Corporation. Westby (2004) says that the functional policy will be ensure that all information has elevated protection, be authorized by chief information officer before dissemination. The policy further clarifies that the CIO states how information is encrypted and instruct his personnel which destination the information should be send to.

Computing security

This type of policy will establish standards for the computing environments within Firion Corporation. This policy is incline within ensuring cyber security is achieved within the organization. The policy states that network should be available and reliable 24/7, designated security software should be availed for the server environment, use of public and private key encryption standards for PC and laptops. The policy also requires that backups should be conducted daily to achieve business continuity requirements (Westby, 2004).  

Security baseline

This type of policy sets the minimum security requirements for the daily operating environments within Firion Corporation. The security baseline policy states that employees should utilize strong password content controls and they should the company’s recommended authentication and authorization technologies (Westby, 2004). The security baseline policy defines how to handle cyber attacks, investigations, and anomalies and states what information must be recorded and tracked.

Enforcement

Any employee found to have violated this policy might be subject to disciplinary action up to and including termination of employment.

How each Policy Item can help Mitigate Threats to Security Goals

Security is only as good as its weakest link and people are the weakest link in the chain. Gori (2009) says that while the human factor is generally accepted as a significant issue by the security community, because most users interact with computer on a daily basis. Gori (2009) further comments that common security mechanisms have failed to acknowledge even the rudimentary usability and human computer interaction design principles such as minimizing user’s mental workloads, task context or an understanding of user motivation and self-image.

The security baseline policy helps mitigate threat in that people within the company are forced to change their passwords. The company ensures that when security conflicts with a user’s production task, they often respond by circumventing security mechanisms and perceive security as something that does not make their life difficult (Gori, 2009).

For functional security policy, Firion’s CIO should note that if he was to strengthen cyber security, the problem must be viewed as more than a technical challenge. Gori (2009) says that for the functional security policy to work, security as a system must be engineered around the people who use it, the context within which it is used and it’s surrounding environmental conditions.

Computational security policy will the company to ensure that the security systems of the future are highly convenient, largely transparent to end users, fully integrated across security domains, threat aware and able to modify security policies. Gori (2009) noted that computational security can help mitigate threats by ensuring that identity, files, systems and facilities are consistently secured in a manner that maintains their privacy, yet alerts them when a potential breach has occurred. Through the computational security policy, users will be required to remember as few things as possible in order to access the company’s systems.

Conclusion

In conclusion, there are two major components necessary to ensure the wellbeing and security of any organization. These include the use of appropriate policies and technologies and appropriate employee’s behaviors which is also commonly known as the human factor. This means that managers play a vital role in exploiting these components. Janczewski (2008) thus says that the human factor calls for managers to be even more cognizant of behavioral issues relevant to cyber security and pay closer attention to the critical role every employee plays in the protection of Firion’s company information. The human factors in organizations such as Firion can help the company have a clearer grasp of employees’ behaviors and decrease cyber security threats. 

Buy Public Policy Issues for Privacy and Liability to Security Goals essay paper online

Buy essayHesitating

Related essays

  1. The Bhopal Disaster
  2. The Largest Corporate Scandals: Enron, WorldCom, Tyco
  3. Financial crisis issue
  4. McDonald SWOT Analysis
  5. Manufacturing Entry’s
  6. Leading With Honor
  7. Packaging Design Brief
  8. Kara Walker by Alice Randall
  9. Staffing Plan
  10. Sales management
discount program
why us
•  Thorough Research and Quality Writing
•  Direct Communication with a Writer
•  UK, US, Canadian, Australian Writers
•  Up-to-date Sources Only
•  Any Citation Style
•  Be Informed 24/7
•  Essay in 3, 6, 8, 12, 24, 48 hours!
•  100% Authenticity Guarantee
•  100% Privacy Guarantee
paper design
You choose font faceYou choose font face
12 point font size12 point font size
Double-spacedDouble-spaced
Over 300 words/pageOver 300 words/page
Text aligned leftText aligned left
One-inch marginsOne-inch margins
free of charge
FREE Title page
FREE Bibliography page
FREE Table of Contents
FREE Revision
free of charge
 
  • We accept:
  • Paypal
 

15% off your first custom essay order

Order now

PRICES
from $12.99/PAGE

X