StudentShare
Contact Us
Sign In / Sign Up for FREE
Search
Go to advanced search...
Free

Security Policy - Part 4 [sap95] - Essay Example

Cite this document
Summary
Running Head: REGULATORY PROCEDURES FOR RUBRIC COMPANY Name: Course: Tutor: Date: Introduction Rubric Agency is one of the fastest growing advertisement companies within its region of operation. In the recent past, the agency witnessed a substantial growth in both vertical and horizontal aspects…
Download full paper File format: .doc, available for editing
GRAB THE BEST PAPER93.1% of users find it useful
Security Policy - Part 4 [sap95]
Read Text Preview

Extract of sample "Security Policy - Part 4 [sap95]"

Running Head: REGULATORY PROCEDURES FOR RUBRIC COMPANY Introduction Rubric Agency is one of the fastest growing advertisement companies within its region of operation. In the recent past, the agency witnessed a substantial growth in both vertical and horizontal aspects. Its client base increased tremendously over the past business year. In addition, both the depth and width of their services grew correspondingly to expanding client base. In order to maintain professionalism in their services, Rubric rolls out a security policy meant to provide a safe environment for information contained within the organization.

This section extrapolates on the regulatory policies adopted to ensure client and company information remains secure from threats within and outside the company. All these policies aim at developing an ethically responsible workforce with loyal responsibility of safeguarding the agency’s data from unauthorized and ill motivated parties. The first part looks into the nature of activities taking place within the agency’s industry. Secondly, we focus on common threats encountered in advertisement and lastly, the mandated regulations meant to ensure ethical standards within the advertisement industry.

Regulatory Policies and Procedures The company’s management strives to integrate roles played by all stakeholders into creating a perfect relationship between all variables involved. In order to accomplish this objective, the company employs the use of information mechanisms meant to facilitate smooth and timely flow of information to the intended audience. Rubric Company conducts most of its business communications through systems in the internet. Their first software, System X-LINC, plays a central role in receiving and monitoring communications between the company’s designers and the clients during development of advertisement artworks.

Therefore, it contains sensitive and confidential information which needs critical management from unauthorized access. In addition, Rubric use another system called Demdex data in informing both the employees and clients on latest developments. Demdex contains constituent elements like financial servers, networks and backup servers. Rubric Agency relies on the information contained by this system in conducting employee payroll practices, purchase expenses and storage of client transaction data.

As a result, information contained in the two systems is either sensitive or confidential, and requires proper management to ensure security from unauthorized parties. A Common Threat Policy As explained earlier, typical activities within Rubric or any other advertisement agency include communications with clients and management of information concerning employee and other sensitive data. Anonymizer (2011) says that common threats within the industry include attacks from spyware. Spyware software covertly collects information from the user’s internet connections without the user’s knowledge.

Information collected can be used by attackers for their advertisement purposes. In addition, advertisement companies suffer from phishing threats. In the case of Rubric, phishing attackers intercept communications between the company and its clients. These tricks lure unsuspecting mail recipients into opening links in emails. These links usually appears as if they are from the company. However, phishing activities aim at stealing business information from a company’s clients. Another threat within this context is Evil twin wireless connections.

Evil twin software poses as legitimate hotspots for wireless connections. Once a user connects to such Wi-Fi provider with their laptops, the software tracks their online activities and eventually obtains confidential information. Fortunately, companies within the advertisement industry counteract the effects impacted by such threats using Anonymous Surfing protections. Anonymizer (2011) emphasizes that anonymous surfing blocks email recipients from clicking on fraudulent links in their mails.

On the other hand, anonymous surfing protects users from evil twins by routing all their internet connections through a secure server. Rubric has successfully protected confidential information from such threats by mandating the use of anonymous surfing in all their business communications. In the real world, recent statistics indicated that phishing attacks increased significantly from 2010-2012. According to Paganini (2012), US witnessed a 77% attacks comprising phishing and other cyber crime activities.

The most affected companies include eBay and PayPal. In this case, financial institutions and advertisement service industry suffers phishing attacks significantly. B Regulatory Review Policy Federal and state agencies acknowledge the role of negative technological practices within the advertisement industry. As a result, the Federal Trade Commission act in the US mandates advertisement agencies to adopt ethical business practices in their industry. According to Federal Trade Commission (2012) their policies seeks to protect both the companies and their consumers from selfish practices observed in the current competitive environment.

With respect to Federal Trade Commission (2007), the commission created a task force mandated to oversee the integration of wireless internet and broadband connectivity within the advertisement industry. The commission provides detailed guidelines on how to manage and protect consumer information within the hands of advertisement agencies. Suitable recommendations by the commission include creation of a secure wireless or broadband internet connection by every agency to ensure protection from phishing and spyware.

This will ensure clients’ personal and financial information remains secure at the hands of agencies. With respect to security policy, Rubric seeks to emphasize the use of secured internet servers in all their business communications. Furthermore, Federal Trade Commission act mandates advertisement agencies to integrate strict user authentication and remote connections policies. These policies address issues like the use of a firm’s information systems by a user operating from a remote location far from a company’s premises.

Such access to information increases the risk of exposing clients’ details to threats mentioned in previous sections. In the context of Rubric, the agency’s policy ensures that such threats are minimized by discouraging remote access of company’s systems by employees. In case such access is necessary, employees will receive authentication details from security directors. In addition, their technological hardware, especially laptops are loaded with suitable software and hardware components to eliminate any chance of cyber attacks.

Another policy focuses on the risk experienced by the customers’ credit card information held by the agency. In this category, the Payment Card Industry Data Security Standards (PCI DSS) is responsible for curbing the increased exposure of credit card information to fraudulent parties. In order to implement practical measures, PCI DSS mandates that every organization involved in credit card transactions should have a secured wireless LANS at their disposal. Rouse (2009) says that these secure LANS allow agencies including Rubric to apply WLAN APs into their cardholders’ data environments to minimize fraudulent, access to their information.

On the other hand, COPPA and CIPPA participate in regulating activities of advertisement companies who collect and maintain personal information from a minor. In creation of advertisement programs, COPPA mandates agencies to conduct their activities in an ethical manner by maintaining the respondents’ privacy. According to Chapple (2013), privacy regulations assert that an agency must obtain parental consent, maintain the information’s confidentiality and secure any personal data collected from a minor.

This ensures that an agency is obliged to secure children’s personal information at all cost during their advertisement programs. In addition, children’s information is protected by CIPPA, a body issuing mandates on secure access of internet to minors. CIPPA’s regulations protect children from harmful information contained in the net like obscene pictures. In this context, every agency should obtain certificates that ensure internet safety policies meant to monitor and control online activities of minors.

These regulations ensure continued protection of children’s information from access by unauthorized parties. Reference List Anonymizer. (2011). Consumer Threat Center: Common Cyber Threats in Advertisement Industry. Retrieved from https://www1.anonymizer.com/consumer/threat_center/ Federal Trade Commission: (2012). Protecting America’s Consumers. Retrieved from http://ftc.gov/ftc/regreview/index.shtml Federal Trade Commission. (2007, February). Comptetition in the Technology Marketplace: Internet Access Task Force.

Retrieved from http://www.ftc.gov/bc/tech/cable/taskforce.htm Paganini, P. (2012, December 13). Phishing: A very Dangerous Cyber Threat. Retrieved from http://resources.infosecinstitute.com/phishing-dangerous-cyber-threat/ Chapple, M. (2013, January). Updated COOPA regulations add to child Internet Protection Guidelines. Retrieved from http://searchsecurity.techtarget.com/tip/Updated-COPPA-regulations-add-to-child-Internet-protection-guidelines Rouse, M. (2009, May). PCI DSS (Payment Card Industry Data Security Standard).

Retrieved from http://searchfinancialsecurity.techtarget.com/definition/PCI-DSS-Payment-Card-Industry-Data-Security-Standard

Read More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Security Policy - Part 4 [sap95] Essay Example | Topics and Well Written Essays - 750 words”, n.d.)
Security Policy - Part 4 [sap95] Essay Example | Topics and Well Written Essays - 750 words. Retrieved from https://studentshare.org/information-technology/1468086-security-policy-part
(Security Policy - Part 4 [sap95] Essay Example | Topics and Well Written Essays - 750 Words)
Security Policy - Part 4 [sap95] Essay Example | Topics and Well Written Essays - 750 Words. https://studentshare.org/information-technology/1468086-security-policy-part.
“Security Policy - Part 4 [sap95] Essay Example | Topics and Well Written Essays - 750 Words”, n.d. https://studentshare.org/information-technology/1468086-security-policy-part.
  • Cited: 0 times

CHECK THESE SAMPLES OF Security Policy - Part 4 [sap95]

An Increased Presence of Non-state Actors

hellip; These conflicts have caused significant losses in life, property, and issues in terms of peace, safety, security, as well as governance.... In Africa, the role of the non-state actors have been especially significant in terms of ensuring the security and public safety of non-state territories, and those territories where issues of insecurity have impacted on state capacity in terms of security management (Ulimwengu, 2007)....
17 Pages (4250 words) Research Paper

Adenauers Foreign Policy

ince 1949, the emergence of German Federal Republic, Adenauer started a loyal pro-Wester n, anticommunist foreign policy for which Davison & Speier (1957) has expressed their opinion in the following words: "To a generation living with the memories of World War II, into which another German chancellor had plunged the world less than twenty years earlier, Adenauer has been the symbol of sobriety and moderation.... Adenauer's Foreign policy - German SovereigntyAdenauer felt the need to develop his own foreign policy in the late 1940s when he saw the German policies been threatened by France....
8 Pages (2000 words) Essay

Comparative of two countries police agencies

Based in foreign countries like Afghanistan and Pakistan but actively operating in Australia and alleged to be supporting terrorist training to the Australians and receiving heavy funding from Australia. Al-Qaida, Armed Islamic Group (GIA), and Hezbollah are the major terrorist organizations operating in Italy....
11 Pages (2750 words) Essay

Introduction to Emergency Planning and Operations; Types of Emergencies and Disasters

Basically, the application of the processes inculcated in the policy in connection to the specific needs of the different parts of the country.... Although this is the case, a multifaceted policy in terms of emergency planning and preparedness is required to be able to continuously protect the population and prevent cases such as the 2002 earthquake disasters in New York and the Midwest (Department of Homeland Security, 2008)....
4 Pages (1000 words) Essay

Geo-Political Diversity to Economic Union: the Evolution of Europe

“The changing fortunes of empires and states, and the lives of those inhabiting these territories, have in large part unfolded in the shadow cast by these phenomena.... This essay "Geo-Political Diversity to Economic Union: the Evolution of Europe" claims that by consenting to combine resources, the European Union's member states have moved effectively toward replacing the old status quo, in which antagonistic ethnic populations frequently bickered over resources, shifting political allegiances and lines on a map....
8 Pages (2000 words) Essay

Public Policy Analysis Tools

The policy was stated in the year 2010 as a part of National Drug Control Strategy.... policy was issued back in 2010, and after two years, its performance was analyzed using basics mathematical tools like charts and graphs.... Whether they were up to the mark or not was very easy… A policy isn't a single dimension; for instance if gun control is on the agenda, it will not be mere ‘reduce guns in public' as the goal; it will require region specific planning....
6 Pages (1500 words) Essay

Using SAP in Electronic Government

Saudi Arabia is expected to play a pivotal role in e-government establishment in the Middle East region, not in small part due to the UN assessment that it is one of the more advanced Arab nations in information and communications technology (ICT).... At its highest, e-government capability allows for the establishment of e-Democracy whereby the citizenry may openly express its sentiments to the political leadership and significantly influence its decision-making and policy-setting....
12 Pages (3000 words) Essay

People With Learning Disabilities and Local Services

The paper describes a learning disability that is something that lasts an individual for a lifetime and it usually begins from their birth and therefore it means that the individual needs support throughout his entire life and for their daily life activities.... hellip; There are many kinds of learning disabilities and some may be recognized and some may not such as Fragile X and Down's syndrome, but many people are suffering from learning disabilities and are either not diagnosed at all or not full diagnosed to figure out what they are suffering from....
12 Pages (3000 words) Research Paper
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.
Contact Us