Question 1: The Project must be a Word document that is 4-5 pages (double-spaced) on a cybersecurity topic of your choice.  I will run it through SafeAssign and Turnitin so make sure it is your own wo

Overview

The purpose of this policy is to make sure that this critical service remains reliable and available, and is used for purposes appropriate to the company’s mission. The email services support the administrative activities of the organization and serve as an official means of communication by and between users and staff. Use of Internet and network connectivity presents the company with new risks that need to be addressed to protect the vital information assets of the organization.

Purpose

This policy applies to all members of the company who are entitled to email and internet services.


Scope

The organization provides email and internet services to staff, and to other affiliated individuals. Use of these services must be consistent with our goals and comply with local, state and federal laws and policies.

Policy

Incidental personal use of email is allowed provided that the primary use is job-related and that the occasional personal use does not adversely impact work responsibilities or the performance of the network.


Internet usage is granted for the sole purpose of supporting business activities necessary to carry out job functions. All users must follow the corporate principles regarding resource usage and exercise good judgment in using the Internet.


Employees may no longer access the contents of their mailboxes, nor should they export their mailbox to a personal account before departure.


The users are advised that electronic data (and communications using the network for transmission or storage) may be reviewed and/or accessed in accordance with company policies. The organization has the authority to access and inspect the contents of any equipment, files or email on its electronic systems.


All users of the Internet should be aware that the company network creates an audit log reflecting requests for service, including both in-bound and out-bound addresses, and that this log is periodically reviewed.


Individuals with special relationships with the company are granted limited email privileges, including an email address, commensurate with the nature of their special relationship. The organization is free to discontinue these privileges at any time.


Users who choose to store or transmit personal information such as private keys, credit card numbers or certificates, or who make use of Internet "wallets", do so at their own risk.


All company web sites must be protected from unwanted intrusion through formal security measures which can be obtained from the IT department.


Do not download software onto the company’s system without the prior written permission of your manager. This includes software and shareware available for free on the Internet.


When sending Restricted Information, the user must encrypt the message in an approved method as described in the Access, Storage, Transmission and Back-up of Restricted Information section of the document Policy on the Handling of Restricted Information.


Email users should be careful not to open unexpected attachments from unknown or even known senders, nor follow web links within an email message unless the user is certain that the link is legitimate. Following a link in an email message executes code that can also install malicious programs on the workstation.


Forms sent via email from an unknown sender should never be filled out by following a link. Theft of one's identity can result.


The policy requires the use of strong passwords for the protection of email. A strong password must contain digits or punctuation characters as well as letters.


Departments that provide services in response to email requests should create a shared mailbox to help support departmental functional continuity for managing requests sent via email.


Email is not considered a secure mechanism and should not be used to send information that is not considered public.

Staff email users on an extended absence should create an Out Of Office message, which should include the contact information for another staff member who can respond while the user is away from the office.



Policy Compliance

Violation of policies may result in disciplinary action dependent upon the nature of the violation. Examples of prohibited uses of email include:

  • Intentional and unauthorized access to other people's email;

  • Sending "spam", chain letters, or any other type of unauthorized widespread distribution of unsolicited mail;

  • Use of email for commercial activities or personal;

  • Use of email for partisan political or lobbying activities;

  • Sending of messages that constitute violations of the company code of conduct;

  • Creation and use of a false or alias email address in order to impersonate another or send fraudulent communications;

  • Use of email to transmit materials in a manner which violates copyright laws.

The company attempts to provide secure, private and reliable email services by following sound information technology practices. However, it cannot guarantee the security, privacy or reliability of its email service. All email users, therefore, should exercise extreme caution in using company email to communicate confidential or sensitive matters.

An email account that has been compromised, whether through password-cracking, social engineering or any other means, must be promptly remedied with the appropriate means. The appropriate means will include a password reset, review of account settings, computer scans and malware disinfection to prevent possible leakage of PII, spamming, infection of others and degradation of network service.

If the account is being used to harm others at the organization and the owner cannot be reached in a reasonable period of time, the Director of Information Technology Security will direct the office of Computing Accounts and Passwords (CAP) to reset the password. Should the same account be compromised three or more times in any 12-month period, the account will be immediately suspended, and will not be re-enabled until the user notifies the Director of Information Technology Security, to ensure that all remediation has taken place, and has been provided with remedial training.

Related Standards, Policies and Processes

As per CISSP body for governing official mail and internet usage

Definitions

CISSP - Certified Information Systems Security Professional

CAP - Computing Accounts and Passwords

PII - Personally identifiable information