Information Systems Use Security Policy.
Sunshine Machine Works has expanded its infrastructure. When they started there were just three computers, and ten employees. Now there are over 100 employees and their network will have fifty computer terminals, with two servers. During the expansion there has been a lot of discussion about the need for a written computer use policy.
You are the IT Services manager for Sunshine Machine Works. This company has seen rapid growth. Management is looking to you to provide a critical input for an Information Systems Use Security Policy. Although they have a format they can use for the policy, they are looking to you to provide some guidance on areas they will need to address when creating this policy.
Chief Executive Officer
When we first started this company there were only a few computers that we used to share our files. Now, with the growth of our company we have a situation where we need to centralize our file storage. I am concerned that if we are not careful, some proprietary information could be compromised. We need a good information systems use policy in place. Keep in mind that I am also looking at expanding our business into some oil field work and the standards we will be required to comply with dictate that we have a written policy in place.
Chief Financial Officer
There are a lot of spreadsheets which have our account information on them. There is restricted access so that the only ones to access those files are the CEO, the General Manager, and me. No other employees have access to most of them. When they need access to financial data, I am contacted and provide them with the feedback they request. I hope that we are able to keep this system running efficiently and any policy helps enhance the safeguarding of our financial data.
I look at the way we need to do business now, which entails a lot of online collaboration with our vendors, customers, and activities related to our potential sales outreach. I need to have our staff utilize our computing resources with maximum efficiency; however, I want to balance this with the realization our staff may need to check their personal email accounts, bank information, etc. As our file server has arrived and all file storage has been centralized, we need to look at how we secure our network while keeping productivity up.
Given the scenario, your role and the information provided by the key players involved, it is time for you to make a decision
Write a paper of 500-1,000 words (double-spaced) about your experience in the Week 1 You Decide exercise. Briefly explain some of the issues that a company may face as it experiences growth and begins to address the proper use of its information systems.
See Appendix C of the textbook for examples of policies which address issues companies may face.
Since you are responsible for IT Services and want to keep the systems and network functioning effectively, you will want to identify activities which would be permitted and which activities would be prohibited. Management will take your policy suggestions, finalize the policy and it will be provided to the employees.
Follow the instructions provided in the You Decide Exercise: Information Systems Use Security Policy.