It is therefore recommended that IT administrators update the policies twice a year to ensure the policies that are in place are complaint with the most current technologies and versions of the software.
The policy will need to ensure the following issues:-
* Hardware – identification of the overall IP addresses
* Vulnerability – scope of infiltration, hacking, data loss, DoS, Open ports, network scans
* Traffic – Ensure that all incoming and outgoing traffic is identified, authenticated and authorized based on user groups, permissions etc.
* Security policy – It is also recommended to purchase and upgrade to the latest software versions for securing the Firewall, along with detailed precautionary measures clearly defining the role of the employees who would be responsible and in charge, in case of any security breach.
It is also recommended to circulate these policies from time to time from the higher management to all the employees in the company to ensure that everyone is aware of the security permissions and restrictions and do not get involved in any form of malpractices themselves. It also ensured that in case of a breach, the employees might be able to identify and alert the required personnel are informed in time, saving a lot of time and data loss.( Bevis, J. , 2007)
Impact on Business Processes - The impact of security policy on the business processes is quite low. The importance and priority of the policy is quite high as it outlines the requirements and regulations from a security perspective and ensures that the various networks in organization are operated smoothly. By having an up-to-date security policy, and by having employees aware and well versed in the rules and regulations pertaining to security, AS would have ensured that their network is safe guarded against the numerous hacking activities and malicious threats. It also means increased trust from the clients, regarding the safety of their sensitive data.