Incident Response Protocol Development for Watergate Company
Student’s Name:
Professor’s Name:
Date:
Incident Response Protocol Development for Watergate Company
Audience: All Watergate Employees, Staff and Management
Policy Statement:
This Incident Response protocol guideline contains a collection of established procedures which are following the legal and regulatory requirements of the Company’s policies. These guidelines are aimed with dealing with instances of any unauthorized access, or unauthorized disclosure of the company’s information .incorporated in this Incident Response Protocol is the Business continuity plan, as well as the various, polices to be implemented to ensure information security of the company’s sensitive data. It also mentions some of the measures to undertake when faced with internal or external attacks. Also included in this guideline, is the infractions sanctions as well as the mission statement pertaining to security (Wibu, 2020).
Report
All company employees are encouraged to come forward and report any suspicious activity relating to unusual behaviours depicted by some of the employees as well as the various systems. All personnel are urged to report any cases of unauthorized access to the computer systems that they use within the workplace with immediate effect. Additionally, if any employee suspects any unusual behaviour from their workmate, they should not feel any fear at all and are order to approach the necessary desks for assistance. Anonymity is assured to any employee that provides valuable information, and top-most secrecy is guaranteed.
Measures to be addressed by Watergate Security Team.
To ensure that the security team adopts adequate security policies, here are some of the steps which the company is undertaking as part of its Business Continuity Plan. The first step will involve the conduction of a risk assessment to determine the most likely that scenarios within the company’s systems. A business Impact Analysis will also be carried out to collect information relating to RPO and RTO. The continuity plan has been developed focusing on strategy and plan development as well as plan testing of the advanced strategies(Eze Castle Integration, 2020).
One of the significant issues to be addressed by the security team to ensure that security measures are adopted to act on the internal and external incidences which occur include the following. Proper encryption of all computer systems via the use of hard-to-crack passwords to be implemented in all servers and hubs, the designation of safe systems which offer restricted access to the users are also to be implemented. Installing virus scanners and alarm systems to keep all the software up to date and detect any case of suspicious activities is also ongoing. Additionally, a training program is underway to ensure that all the employees are made aware of the risks and vulnerabilities to look out for when using the computer systems (Steinberg, 2011).
Actions to Undertake
Upon any verification of the existence of suspicious cavity among the employees and the computer systems, the perpetrators will be accordingly punished immediately as per the Company’s act 245-78. Thereby. To prevent security infractions, the company should adopt some of the following measures the: the company is to undertake a project to apply all patches in the security systems, web application firewalls are also to be installed to prevent infractions relating to phishing and unpatched vulnerabilities. Additionally, the network is to be segmented in an attempt to avoid the occurrence of infringements concerning in-house or outside-business area traffic. Data back-up plans to Cloud are ongoing to ensure that in case of disaster occurrence, data recovery will be assured to run smoothly and without disruption of the company’s current activities (Cepero, 2018).
The Security Mission Statement
Watergate Company’s corporate mission is aimed at the achievement of the company’s visions which entails the working towards becoming the best Company in terms of offering services relating to information assurance solutions. The company is therefore committed to the following principles, e.g. responding and listening to the employees and supervisor’s security needs. Additionally, the company s aimed at achieving universal unity among all employees across all levels. This is to be achieved by adopting effective security measures to ensure that the employee’s data is not compromised in any way (Mission statements, 2020).
REFERENCES
Cepero, R. (2018, November 2). HTTPS://www.facebook.com/bleuwire/. Blue wire. https://bleuwire.com/7-tips-how-to-prevent-security-violations/
Eze Castle Integration. (2020, February 11). Five steps of business continuity planning. Eze Castle: Managed IT, Cloud Solutions, Cybersecurity. https://www.eci.com/blog/135-five-steps-of-business-continuity-planning-for-investment-firms.html
Mission statements. (2020, February 21). Security service mission statements. Mission Statements. https://www.missionstatements.com/security_services_mission_statements.html
Steinberg, S. (2011, July 7). Ten ways to keep IT systems secure. Entrepreneur. https://www.entrepreneur.com/article/219954
Wibu. (2020). Keynote. Wibu-Systems | Software Protection, Software Licensing, Access Protection, Document Protection: Wibu-Systems. https://www.wibu.com/magazine/keynote-articles/article/detail/security-incident-response-protocol.html