Computer Science: Security Policy
Computer security policy is an art of governance that helps to define the goals, conducts, and other elements of any organization's computer systems that form the information system. The policies are expected to be enforced by the organizational security mechanism or its policies. They are meant to ensure that the computers are safe and useful to the organization. Moreover, the policies are well implemented using models that categorize them into three security categories of confidentiality, integrity, and availability (CIA). Hence, the main objective of the policy is to protect data from loss, maintain the reputation of the organization, and ensure that the organization is sustainable.
The following set of rules must be adhered strictly at all times. Any violations of the rules should lead to punishing as indicated in the violation section. Therefore, ABC expects that the rules and code of conducts shall be adhered all the time. The policies are meant to enforce the culture of the organization through the security mechanism.
ABC healthcare organization is mandated to provide better healthcare services to the public. Therefore, we need efficient communication systems to ensure that our staff can reach the patients at the shortest time possible. The computer resources have been a major component of our data management (Pieprzyk, Hardjono, & Seberry, 2013). The resources are shared among the staff. The health care has invested a huge amount of money in purchasing and implementing the computer systems to ensure the flow of work and as an assistance aid for research. As such, it is expected that the resources will be used wisely. The ICT department has generated the security policies to ensure that when followed, the institution will be able to share the resources fairly and responsibly. The organization expects to install more computers for the organization's daily operations.
Information communication systems resources are very important assets of ABC healthcare provider organization. The systems are necessary for daily operations of the health organization. Any fault occurring for the information systems may lead to inescapable inconveniences (Akhgar & Arabnia, 2013). Hence, it is expected that the outlined policies will be strictly followed. ABC decided to develop these security policies in order to ensure that the available computer resources in our institution are used fairly, ethically, and in a responsible manner. Any data within the organization is very important to the organizations businesses. The data must, therefore, be secured and protected from loss. Intrusion to the ABC healthcare information systems can cause enormous damage to the institution. ABC values the confidentiality, integrity, and availability of its data. Hence, the institution is committed to the protection of its own systems and data from threats. It is the mandate of the organization to identify and rectify any vulnerability within their systems. As such, the ABC has adopted the following policies for the listed objectives.
I. To enable all the staff within the organization access the information they need timely and from trusted sources.
II. To ensure that there is efficient communication between the clients and the psychiatrist.
III. To eliminate any form of intrusion from an external subject that may lead to the loss of organization's information or its business secrets.
IV. To minimize damages and unnecessary breakages of the computer systems.
V. To ensure fair access to the information communication facilities within the institution.
VI. To reduce the costs of replacing dead and damaged computers.
VII. To ensure that the staff members can access authentic information that has not been altered.
VIII. To facilitate communication inside and outside the organization.
The policies apply to all the staff members of ABC healthcare organization. They include the doctors, nurses, supporting staff, and also interns. The policy covers all ICT-related electronics. These should include the software used in the organization and the hardware parts of the information systems. Personal computers are covered by the policies if they are connected to the organization's network.
Authorized Access and Usage Equipment
I. The staff shall be assigned usernames and passwords through the creation of their personal accounts; any user is expected to use the credentials in accessing the computer systems within the organization.
II. ABC expects that the staff would not share their credentials with non-staff persons. Staff members who no longer works with the organization is expected to report to the Head of ICT for the termination of their accounts.
III. The users are expected to use computers wisely. They are also expected to take maximum care of the computers at the time of usage to prevent any damages.
IV. Only authorized staff is expected to access the computer servers. However, the authorized staff accessing the servers is warned not to share their credentials to non-authorized staff members for them to access the server.
V. The users are not expected to bypass the organization network to access the restricted sites. The users are encouraged to respect the ICT policies that have restricted the sites for the purpose of reinforcing security.
VI. The organization's computers are the entity of the enterprise. Hence, no one is expected to carry any computer devices to his or her home. The computers of the organization should remain in their respective computer labs.
VII. The computers are expected for the operations pertaining the functions of the organizations. Computer users are requested to share the computers among themselves.
VIII. Repair and maintenance of the computers are only expected to be done by the ICT department. Hence, the users are discouraged from repairing the computers on their own. Any assistance needed should be asked from the department of ABC ICT.
IX. Staff should have their accounts active to prevent their termination. Dormant accounts (those accounts that have not been active for six months) will be terminated.
X. Food and beverages are highly discouraged in the computer labs.
XI. Hacking is illegal. No staff is expected to access data from other peoples computers. The extension of the networks for personal advantages is discouraged. The resources must be shared equally. Any alteration of the software within ABC healthcare organizations is illegal.
XII. Propagation of malicious programs like a virus is illegal. The e-resources should not be vandalized.
XIII. Staff members are expected to respect each other while working in computer labs. Any form of threat or intimidation is against the policies of ABC healthcare organization.
XIV. Users should ask for assistance while connecting to the organization network. The users are encouraged not to use static IP address in order to prevent any malfunctioning of the network.
XV. In the case of registration of the assigned computers, the user must ensure that the computer is in good condition at all times (Quinn, 2014).
Prohibited Usage of Equipment
Computers at ABC are meant to serve the entire staff fraternity. They must be shared among all the members. The users must respect the value of the resources and information of the organization.
I. Copyright infringement is a crime. The computer users are not expected to be sharing unauthorized materials like music, movies, and other intellectual property. Piracy is highly discouraged to prevent confiscation of the hardware resources for counterfeit materials.
II. The internet should be used wisely. ABC computers should not be used to access sexually explicit and offensive websites. The employees should use the computers for the productivity of the organization.
III. The software in the ABC healthcare organization remains the entity of the organization, and, hence, it should not be altered. Indiscrimination, alteration, or addition of the unknown software poses a great risk to the organization resources. Users are discouraged from such actions.
IV. The staff members are not expected to use their laptops in the server rooms. The information of the organization should not be stored in personal computers. The organization data should be kept within the organization safe storages.
V. The computer users are advised to keep off from unknown sites. While using the computers to access e-mails, the user needs to refrain from spams in order to prevent any kind of hacking.
VI. The reputation of the computers should not be objected to tarnish the reputation of ABC healthcare organization. The information of ABC should remain the property of the organization.
VII. Personal switches and network devices are not allowed in the organization computer labs.
VIII. The computer users should not try to access unauthorized programs from the organization's servers.
I. ABC has competent ICT managers to provide support. The users must respect and obey the ICT specialists in order to enable them to perform their objectives. It is the right of the staff to get the required support from the ICT managers.
II. In cases of system change, the users must bear with conditions. The system managers must be given enough chance to perform their roles without any form of disrespect.
III. Access to the systems within the ABC healthcare organization is classified. The users must follow the procedure while accessing the resources. They are also expected to log in ONLY with their own credentials (Kozma & Vota, 2014).
How it works
Step 1Visit our website and go to the order form
Step 2Fill in specific essay details in your order description section
Step 3Pay for your custom essay and get your order verified
Step 4Process of writing your academic assignment
Step 5Editing and anti-plagiarism check
Step 6On-time delivery of an already written essay
IV. Users should not change the information in the organizations systems.
V. The staff members must be aware of the requirements of the ABC to monitoring the network. The user is expected to be cooperative with the system managers.
VI. Computer is a vital storage of data. The users should not disclose their information to other users who might have ill intentions.
VII. The ICT specialist is responsible for security configuration. Any staff should not act on behalf of the ICT specialist. He or she needs to ask for assistance immediately.
VIII. The organization will not allow any person to change their details in the servers without informing the organization authority.
Violation of Policy
To ensure that the policies are not violated, ABC has to impose penalties to the violators of the policies. The following are the consequences of the violations of the policies mentioned.
I. A computer user (ABC staff member) shall be expected to cater for any damages made by him or her which must involve replacement of the resources.
II. Prosecution is realized under applicable civil or criminal law if the matter is too severe to deal with it internally.
III. The privileges to access the systems may be permanently or temporary denied. Closure of the accounts may also take effect if necessary.
IV. Termination of the staff means that to some extent, the staff members can be fired from their jobs to prevent jeopardizing the role of the organization to the society
Limitations of Liability
ABC should never be liable for any kind of damages from its users (staff members), may it be direct, indirect, exemplary, or resulting from punitive actions of irresponsible computer users. The organization is not ready to bear the damages resulting from the users visiting the restricted sites. The individual computer user will be responsible for his or her own actions. The organization is not liable for the personal loss of the users computers within the organization.
To prevent any inconveniences or loss to either the organization or the staff of ABC, the users are advised to ensure the privacy of their credentials and the allocated computer resources (Akhgar & Arabnia, 2013). Within ABC healthcare organization, the ICT department expects that the policy will be adhered to for the betterment of the ICT services.