Cybersecurity Planning And Management Creating Compan 073819

Cybersecurity Planning And Managementcreating Company E Mailwifiinte

Cybersecurity Planning and Management Creating Company E-mail/WIFI/Internet Use Policies You have just been hired as the Security Manager of a medium-sized Financial Services company employing 250 people in New Hampshire, and have been asked to write two new security policies for this company. The first one is an e-mail policy for employees concentrating on personal use of company resources. The second policy is that of WIFI and Internet use within the company. There are many resources available on the web so researching these topics and policies should be easy. The most difficult part of this exercise will be determining how strict or how lenient you want to make these policies for this particular company.

Project Plan You are asked to create two separate policies on use of EMAIL and a WIFI/INTERNET USE within the company. Be specific in your terms and conditions of use. Consider these items to be included in your policies (as applicable). 1. Overview 2. Purpose 3. Scope 4. Policy 5. Policy Compliance 6. Related Standards, Policies and Processes 7. Definitions and Terms Some useful links and resources for your research:

Paper For Above instruction

Introduction

Effective cybersecurity policies are vital for safeguarding organizational resources, especially for financial institutions that handle sensitive data. As the newly appointed Security Manager at a medium-sized financial services company in New Hampshire, my task is to develop comprehensive email and internet/Wi-Fi usage policies that define acceptable behaviors, outline responsibilities, and establish compliance standards. These policies will serve as critical frameworks to ensure responsible use of company resources while minimizing cyber risks and maintaining operational integrity.

Overview and Purpose

The purpose of the email policy is to delineate appropriate personal and professional use of the company's email system to prevent misuse, reduce security vulnerabilities, and protect confidential information. The Wi-Fi and internet policy aims to regulate internet browsing, secure wireless networks, and prevent activities that could compromise company security. Both policies are designed to align with best practices, legal requirements, and organizational standards.

Scope

These policies apply to all employees, contractors, interns, and authorized users accessing company resources, including company-provided devices, email accounts, and wireless networks. They cover all organizational digital communications and internet access within the premises or remotely where access is granted.

Policy Content

Email Use Policy

The email policy emphasizes that company email accounts are for business-related communication. Limited personal use is permitted but must not interfere with work responsibilities or violate security standards. Employees must avoid sending or receiving sensitive data without encryption, refrain from opening suspicious attachments or links, and ensure that their email activities comply with legal and organizational standards.

Wi-Fi and Internet Use Policy

Thewi-Fi and internet policy requires that wireless networks be secured with strong encryption and unique passwords. Employees are prohibited from accessing malicious sites, downloading unauthorized software, or engaging in activities such as torrenting or online gaming during work hours. Use of the internet for personal purposes should be minimal, appropriate, and compliant with security policies.

Policy Enforcement and Compliance

Compliance with these policies is mandatory. Violations may result in disciplinary actions, including termination, legal penalties, or reputational damage. Regular audits and monitoring will be performed to ensure adherence. Employees are encouraged to report violations or security concerns to the IT security team.

Related Standards and Definitions

These policies complement existing organizational standards such as data protection policies, acceptable use policies, and confidentiality agreements. Definitions of key terms such as “sensitive data,” “encryption,” “unauthorized access,” and “acceptable use” are included to clarify expectations and responsibilities.

Conclusion

Implementing clear and comprehensive email and Wi-Fi/internet usage policies is essential for maintaining cybersecurity resilience. By outlining responsibilities and security practices, the policies will help protect organizational assets, ensure compliance, and foster a security-conscious culture within the financial services organization.

References

- Cybersecurity and Infrastructure Security Agency (CISA). (2021). Acceptable Use Policy. Retrieved from https://www.cisa.gov/

- National Institute of Standards and Technology (NIST). (2018). Framework for Improving Critical Infrastructure Cybersecurity. NIST Cybersecurity Framework.

- SANS Institute. (2020). Security Policy Resources. Retrieved from https://www.sans.org/

- Federal Financial Institutions Examination Council (FFIEC). (2017). Guidance on Cybersecurity in Financial Institutions.

- International Organization for Standardization (ISO). (2013). ISO/IEC 27001 Information Security Management Systems.

Related Assignments