I attached the previous 4 labs. I need lab 5 now. 1.5 page is enough. Make sure you read the other labs because they all are connected. due in 10 hours. No Plagiarism. Security Operations – Week #5 La
Prohibited use section of Information Security Plan (ISP)
Information is becoming diverse in the global world, attracting a lot of attention to both users and providers. It is essential in propelling different aspects of life, ranging from political, social, and economical. It is a double-edged sword; if well implemented, it can bring desirable results to the business, but it can damage the whole business if poorly managed. Therefore companies and governments have been forced to re-evaluate their compliance in the emerging security threats. Counter attacking these threats requires excellent and sophisticated policies. Without top-notch security policies, it is like plugging the hole with a rag. There is always going to be a leak.
Prohibition of illegal conduct
Standard ethics and code of conduct are required when handling information and data because the data should be of high quality, reliable. Well protected and should portray confidentiality for the stakeholders to bid with the internet provider. Illegalities can cause disruptive behaviors on accounts, files, machines space under one supervision to incur losses to clients and embarrassment that may lead them to suspend their accounts and loyalty restoring this may require further expenses and probably disciplinary action leading to loss of jobs. These prohibitions include but not limited to; Do not allow another person to use your computer or login codes and passwords, again you should not redistribute any copyrighted materials.
System and Network Activity restrictions
Comprise all activities geared to reduce the intrusion and interference with the network system that can lead to access of confidential data and information belonging to the clients and the subscribers, and it acts as a guide in the company or government institutions that streamlines all ethical affairs in the information technology environment including signing nondisclosure forms as work-related contracts.
Copyright infringement, also known as piracy, is when a user without permission uses, reproduces, distributes, advertises, displays, and performs with materials protected by the copyright law, therefore infringing on the owners' rights.
Proprietary information disclosure, it the use of secret information, formulas, or materials for the period in which the company or organization wishes to keep them confidential; these may be used to bar the owner from benefiting or create chaos and loss.
Unauthorized use for personal business, it is when internet provider uses their address to communicate, distribute or conducts public or official work, therefore, endangering the information and organization, these means using example a personal twitter or email account that is private on public affairs.
Malicious programs refer to the software that causes harm to computer networks and systems; this malware disrupts computer networks in the form of different components depending on the attacker’s intentions like trojan, viruses, worms, rootkits, and spyware.
Account disclosure is when parties agree to release sensitive information to identify themselves or other parties. When released, this information can result in identity theft, civil, federal, criminal, and states statutes penalties.
Email and Communication Activity restrictions
All communication activities through emails in an organization should have restrictions and guidelines through which the parameters of emailing are regulated, that is, unsolicited emails, harassment, chain letters, and spams. This includes sending junk mail, telephone paging, frequency, and size messages through language or any Ponzi of pyramid schemes. This policy implemented by the organization's officer of information technology (OIT) must be well framed stipulated with their implementation process, and the consequences of any violation, the disciplinary action must be elaborated in the nondisclosure contract.
Blogging and Social Media Activity restrictions
Blogging is a more elaborate tool of communication in the new globalization, hence representing a handle in differentiating between work and private social media affairs. Organizations have developed regulations to limit the loss of materials in many countries. This has become a common phenomenon in making privacy laws of using and collecting data requiring the consent of its implementation. The same also is necessary to inform the parties if the information is used by the third party. It has made it difficult for professionals to separate between professional and personal comments since there is an information officer who speaks on behalf of the organization, hence has made it impossible to express one's own opinion mainly if they belong to the particular organization since it will be; perceived as the organization decision or take in the matter.