This is a security policy common in organizations
Security management in organizations like the Marl Com is important so as to avoid the common cases loss. As a company there are guidelines that should be set on the security policy to ensure that the system is secure as much as possible. Some of the commonly pre-set directives includes the moving out of the company’s compound with the company documents and tools, and coming with the storage devices to the institution. These are prohibited for a number of reasons. The carrying of things out of the company is set not only to minimize the loss of tools from the company but also since these devices can go away with some important information relating to the company that might result in data loss and hacking activities in the company. The storage devices like the flash disks and others are believed to carry information. If someone comes with such tool inside the company it simply means he kind of want to take some information from a colleague or the company itself. He might be in one way or the other take information from the company relating to the operations and the financial position in that way sending it to the competition’s and hence lead to company crisis. The policy we are going to actualize due to the major concerns on the data loss is on BYOD. There are restrictions that are going to be put in place for the BYOD policy. These will only be for a number of companies like the marketing group however the financial department will remain under the previous policy so as to ensure the protection of data an information. It is transparent that with the rise of technology our company too is finding insights from the customers to improve the use of the technology to enhance the services offered by the company. With these in mind we are going to allow usage of devices for some departments us others will remain prohibited. Marketing department will be free to use the mobile devices and also their personal laptops where necessary. Any gadget will be allowed in but only in the marketing department. Some limitations lay in line for the storage devices. Effective Date The BYOD policy on the specific departments will be effective on November, 2021. By this time we expect personal devices from the other departments other than marketing and research department to be removed from the Company’s compound.
The policy on bringing the device will apply to all the employees as stated below: • The full time workers and part-time workers • The Contractors with a valid contract in the company • The temporary workers even if for a short period of time.
In the recent years we have been having issues relating to data loss and also hacking in the company. There have been analysis performed from day to the other on what might have been the course of these and it came to our concern the BYOD might be the major issue resulting to this. We experience large data loss from the perpetrators. What we don’t know is if the data was sold to the competitors or not. These is a major thing and should not be tolerated in our company. We have to accept that technology have advanced and hence it is important for us to comply but comply in the right manner. Going back to the history, there are companies reported major data losses like the Facebook Company (Mariam, 2018). The data loss led to a great impact on the company and trust ceased greatly. For our Company being an upcoming company we don’t want to be in such a situation. For some institutions however, the BYOD is greatly allowed. A good example is like in the hospitals. The devices are important in allowing real time communications in the hospital and addressing security of the patients are much as possible. According to the research by Kadimo (Kadimo, 2018), the BYOD policy to allow the workers to go to hospital with their devices prove to be effective. These is because as a worker something might happen in hospital and it might be easier to use their personal gadgets to address the issue. As a common sense, no one can reach to a situation of harming the patients or the data relating to patients. Trust is created and people allowed to come with their devices in case of anything happening. For good marketing of products, the use of the social media like Facebook twitter and others like the conversation applications and chat-spots like the WhatSapp, is a good method of promoting the company products. In the previous years it was highly to use the mobile phones in the company and the use of earphones. Nowadays people are freely using them in the company for marketing. This proves to be a good method and it can be allowed on the company. Some of the reasons we might allow include the following: • Chatting with the customer in explaining the products offered by the company. • Updating the statuses relating to the promotion of goods in social media. • Following twits to understand more about products and maybe twit based on our products. • Video calling a customer to showcase the products. According to research by Barlette, the method of allowing the individuals in the marketing department to use mobile and personal gadgets should be allowed (Barlette, 2021). It is one way of attracting more customers in the company. People with many followers in Facebook and twitter are believed to the best marketers (Yang, 2019). Even the managers in the companies might be at one point need to use mobile phones. Example is when the manager is speaking to an important client. This is allowed so as to allow the business to grow with the technology.
BYOD (Bring Your Own Device): This is a security policy that address on the issue of bringing your own devices to the company. It includes the devices allowed and those that are not allowed.
- The employees in the company wishing to carry with them their personal devices should sign the BYOD policy and also the security policy of the company.
- System software is not allowed to be installed in the personal devices like the CRM dashboards and any other configurations in respect to the system servers.
- Security check on the devices should be done by the ICT department to check that the tool cannot breach the security of the company.
- Connecting the devices not addressed to the server is not allowed. Devices like personal laptops should not be configured with the Ethernet same with system server.
- Social media use is allowed in the following departments only: • Sales and Marketing department • Some admins like the manager
- Warning being given to those who go against the rules: As a default, the company gives 3 warnings and upon which the customer will be laid off and a replacement done after an interview.
- Devices not allowed in the company will be taken from the users and stored in the storage area where they should be collected by the owner.
- In case when a device is noted to have caused data breach it will result into a police case.
Mariam, I. (2018). Revealing Facebook Privacy Settings Patterns: Analysis of Pakistani Facebook Users (Doctoral dissertation). Kadimo, K., Kebaetse, M. B., Ketshogileng, D., Seru, L. E., Sebina, K. B., Kovarik, C., & Balotlegi, K. (2018). Bring-your-own-device in medical schools and healthcare facilities: a review of the literature. International journal of medical informatics, 119, 94-102. Barlette, Y., Jaouen, A., & Baillette, P. (2021). Bring Your Own Device (BYOD) as reversed IT adoption: Insights into managers’ coping strategies. International journal of information management, 56, 102212. Yang, X., Wang, X., Yue, W. T., Sia, C. L., & Luo, X. (2019). Security Policy Opt-in Decisions in Bring-Your-Own-Device (BYOD)–A Persuasion and Cognitive Elaboration Perspective. Journal of Organizational Computing and Electronic Commerce, 29(4), 274-293.