Online businesses are similar to normal businesses but online businesses come with
additional legal issues, security measures, policies and financial obligation, especially with
concern with individual privacy. Information security standards are pivotal in ensuring
operational success of a business, and there must be a clear understanding of preserving the
confidentiality, integrity, and availability of the company’s network. In terms of a small online
business there must be a greater emphasis on risk management, and to effectively control and
protect information security assets. Small organizations are often limited to the amount of
resources to protect information security and require the best use of those resources at the lowest
The use of IT security policies can manage risk by setting standards and guidelines that
meet the needs of security for an operational business while protecting employees and client’s
sensitive data. There also needs to be polices to reflect the legal and regulatory requirements for
the corporation. For instance, measures need to be taken to protect intellectual property, financial
information; sensitive employee and customer information or the business can face significant
fines and penalties from state or federal auditing agencies. In the creation of the policies due care
and due diligence must be used to ensure the security and liability of information security.
An information security program ought to be in place to help mitigate risks to the
organization and cover policies including, physical, and logical security of business assets. A
prime risk management strategy for small business is the concept of cyber insurance.
[OnlineBusinessName] Corporation may be a small business but it still faces attacks like data
breaches or a denial-of-service attack and [OnlineBusinessName] needs safety measures for the
costs of investigations, reimbursement for damages to clients, PR for...