The Microsoft Corporations Department of Security Mission - Case Study Example

Security Plan of Microsoft Corporation

Microsoft Corporation is an American company for multinational technology which has its headquarters in Redmond. Microsoft Company develops licenses, manufacture, sells and support computer software, personal computers, consumer electronics, and services. The Microsoft Corporation is mostly known for the software products it offers such as Microsoft Windows used for operating systems, Edge browsers and Internet Explorer and Microsoft Office Suite. Network security is much important as there is need to secure and protect information in an inaccessible manner and vulnerable to individuals who are not authorized to access the information in a given company, a vital factor in a Microsoft corporation. There is the need for a network administrator to create a new system security plan for the Microsoft Corporation. Since Microsoft Company consists of many clients, employees and other crucial affiliates, the company's information require to remaining secure and confidential throughout the organization. Only authorized individuals should have access to the various type of information regarding the business and its clients. In designing of a network information security plan for the Microsoft Company, there are several management practices and theory and organizational management that need consideration. These include the mission, vision, goals, code of ethics, organization chart, staffing requirements, responsibilities and roles of personnel and leadership, communication and behavior of the Microsoft’s company security department.

Mission of the Security Department

The Microsoft Corporation’s Department of Security mission is to become the primary provider of security solutions, making sure that it is the best in the corporation to which other departments of security strive to emulate. The establishment is made according to the basis of mutual respect, diligence, and honesty in creating central working relationships with both the staffs and the Microsoft corporation clients. The company will make sure it establishes an innovative, personable and bespoke approach to all of its partner’s requirements. The security department of Microsoft Company will continue challenging all of the processes of business to exceed and achieve clients and groups leading indicators of performance in commercial and operational sectors. The security department will continue to surpass the department’s aims via deliverance of solutions that are workable to the usual delight of the company’s partners.

Vision of the Security Department

The department of the security department of Microsoft Company's vision is to be the leading authority in all parts of Microsoft corporation practices of law enforcement to address safety and security needs of the staff and company's client more efficiently and to uphold the mission of the enterprise. All the members of the security department have specific roles allocated to them. The Microsoft Company is the major distributor and manufacturer of software products such as Microsoft Windows used for operating systems, Edge browsers and Internet Explorer and Microsoft Office Suite. Our primary focus remains on maintenance of network security as there is need to secure and protect information in a manner inaccessible and vulnerable to individuals who are not authorized to access the information in the company.

Goal of the Security Department

One of the primary aims of the security department of the Microsoft Company is to make sure that the firm's clients are secure and safe. The safety is achievable through the department being committed to protecting the customers from the increasing wave of attacks by criminals. Another goal is streamlining the Microsoft Company’s system that patches flaws of software. The company is expected to improve the existing security of its systems. The improvement of system security makes the confidential information of the business and its client's data unreachable by individuals who have not been authorized by respective company's department (Dhillon, & Backhouse, 2000). Additionally, providing education to clients regarding their usage of the company’s products is the other key goal of the security department of Microsoft Company. The security staff leads campaigns to create awareness of the secure using of the company’s products and educating individuals on the best ways that they can use to restrict unauthorized persons from accessing the information of their products.

Code of Ethics

The purpose of the need for the code of ethics in the security department of Microsoft Corporation is to establish binding rules which all individuals in the department involved in providing security services obey to maintain, achieve and promote a professional and trustworthy security staff. The code of ethics helps to maintain, make and improve compliance by the security providers in the security department with the obligation that they have towards the safety of clients and the own security of the Microsoft Corporation in general. The code of ethics applies to all providers of security in the company, whether registered by the authority or not. Confidential information should not be exposed to the public. According to Schwartz (2005), the disclosure of the company’s or clients’ confidential information should be restricted so that it becomes accessible to the authorized persons only. Due care postulate that the professional of a given company should never reveal any sensitive information or make use of sensitive information unless they have acquired. A member of the security department of the Microsoft Company shall never disclose any confidential information without having appropriate authorization by the department manager.

Organizational Structure

The organization chart of the Microsoft enables its growth. The organization chart of the Microsoft Company regularly stresses the essence of the business output. The Microsoft Company usually has a structure of divisional product type. This particular structure has divisions categorized according to given computer software and hardware products and the organizational outputs. The major features of the structure of Microsoft Organization include; global corporate groups, geographic segments and product type division.

Staffing Needs

The security department in the Microsoft Corporation should have about five percent information security staffs of the total individuals in the sector of informatics. The essential things that should be kept in mind are that there is the need for the Microsoft Company to have the security staffs in the security departments done correctly which does not only mean checking the existing staffs but there should also be efforts to employ additional workers. These additional workers act as compensation for lack of technology in the security department. For instance, in the situation whereby the security department lacks the platform of identity management that is robust, then the staff on information security count requires being increased for it to account for the manual user provisioning which should take place in the organization.

Roles and Responsibilities of Personnel

The responsibilities of the security personnel in the Microsoft Corporation includes; leading in the adoption or development and enforcing of policies of information security, standards, and procedures. The staff in the security department needs to complete and conduct an annual review of the policies that are required to be observed in the handling of information of the company. Maintenance of the security policies of the security department is another responsibility of the personnel in the department of safety in the Microsoft Company. These security systems are the formal procedures which document and detail actual controls and mechanisms which should include; personnel security: The staff can only access sensitive information that they have the required clearance and authority. Administrative is made up of risk management and analysis, documentation control and administration, information sanctions and controls in case they do not comply. Technical security personnel set standards required for accessing and authorization controls used in each day operations and emergency procedures for information. Transmission Security personnel creates the standards for audit trails, access control, event reporting, integrity and encryption controls.

The other responsibility of personnel in the security department is maintaining the safety procedures of the security department which include; evaluating and compiling with measures of security, testing of proceedings, standards, and mechanisms of security, responding to security incidence and incident reporting. Moreover, maintaining of appropriate tools and measures of security to protect against any anticipated hazards and threats is another role of the personnel in the security department of Microsoft Company. Another part of the staff in the security office is assisting in performing the ongoing monitoring of the security of the organization information systems. Finally, making sure that there is compliance with enough programs for training and periodic security audits is the other responsibility of the personnel in the security department.

Application of Organization Behavior, Leadership and Communication

Organization behavior refers to the use and knowledge study concerning activities of groups and individuals in given organizations. Group practice does this through the taking of system approach. In the security department of the Microsoft Corporation, the organization behavior will facilitate interpretation of the various relationships between individuals in the security department regarding the social system, person, department and entire group. The principal purpose of the organizational behavior in the security department is creating better and improved relationships through achieving social objectives, security department goals and objectives, corporate objectives, and human objectives. The organizational behavior frequently encompasses a broad range of several topics such as change, leadership, teams, and behavior of the personnel in the organization (Robbins, 2009). The security department organizational behavior in Microsoft Corporation will be defined majorly by the culture of the department.

The base of the Security department is highly influenced by the management’s value, vision, philosophy, goals, and objectives. It dictates the culture that is adopted by the security department which is made up of the social environment, open organization, and formal organization. Security department leadership includes the management staff which provides inspiration, operational oversight, objectives and administrative services to the Microsoft Company. For the security department leadership to be effective there is the requirement to prioritize goals and targets for the subordinates and offer guidance toward acquiring of the department’s vision. According to Zaccaro, & Klimoski (2002), right leadership in the organization helps in maximizing the efficiency and achieving the goals of the organization. Communication in the security department will involve receiving and sending of messages among personnel in the department to achieve shared and individual goals.

The Microsoft organization security plan should focus on adding and modifying the measures of security which the company has already established for the products been manufactured currently. The security department should make sure that it gets involved in practices that maintain and enhance the safety of the information of the company and its clients. Therefore, the security plans of the Microsoft Company may further focus on educating its customers with hopes that it will succeed in helping them become secure. Although it is believed to be a difficult task of teaching and training of clients of how they should ensure their products and systems, the security department of the Microsoft Organization has a divine role of continuing with modification of its practices of security until it achieves the correct recipe that is valid for product management.