IT Research Paper Sample

Protecting computers and mobile devices from internal and external threats need more expertise which is usually beyond the abilities of the common user. In a normal working environment, the computers usually have access to the internet. This gives users the ability to communicate with other users. That implies that there is communication in that organization. However, visiting machines may render the network vulnerable and cause the network to be infiltrated by viruses. This paper intends to address the importance of having a well written and enforceable information technology security policy.

When one is in the process of developing IT security policy one should consider the defense in-depth model. That means that one should not rely on one principal means of protection; instead one should develop a security program that provides multiple layers of defense (Vacca 134). This will ensure that the data has maximum protection, and the potential of the resources being compromised is reduced. An effective IT security program should be capable of detecting anomalies in the network traffic and take the necessary steps towards mitigation. Mitigation may be either reactive or proactive.

IT security policy is very important in an IT security program. The policy identifies the procedures and the rules that all the users who will be accessing the computer and network resources must adhere to in order to ensure the availability and integrity of the data and the resources. An important point to consider when developing a security policy is its flexibility and adaptability to technological changes. The documentation of the security policy should be regularly updated as soon as new technology and procedures are established to support the mission of the organization.

Computer Desktop Security Policy

Any desktop security policy is a subset of the corporate security policy. The policy must address three main areas in order for it to be effective. They include availability, integrity and confidentiality (Vacca 379). They are not intended to protect just one desktop, but the whole network and each desktop that is a member of that network. The term desktop can refer to workstations, laptops, servers, personal digital assistants and IP phones among others. All these devices will have to be considered when the computer desktop security policy is being developed.

Taking into account all those devices when developing the computer desktop security policy can seem to be tough but the best way to start is by finding the right combination of security products and procedures to meet the requirements. The first one is the anti-virus software. Anti-virus software identifies thwarts and eliminates viruses and other malicious software. Anti-virus fits in the category of both availability and integrity. However, the system administrator must ensure that the anti-virus software is always updated (Rubin 209).