Global Corporation Inc.: Data Protection Policy Statement Research Paper

Exclusively available on Available only on IvyPanda® Made by Human No AI

For any business establishment, the financial records are by far the most sensitive records and efforts should be made to ensure that they are well secured. This goes double for the company GCI because not only does it have in its possession records for its own operation but it also hosts some financial records of client enterprises(Pfleeger, & Lawrence, 2007). The latter documents are most likely released to GCI on some sort of goodwill arrangement which have to be sealed by the law in the form of contracts. There are vulnerabilities and threats which the company will have to face especially if it maintains the system that allows staff to store confidential company data on laptops.

The most primary vulnerability that the company is subjected to is the fragility of security barriers that comes with every member of the company carrying confidential data on their laptops. With new and new internet technology coming up that allows individuals to leech on data from other people’s computers without informing them, it is very easy for competitors to hire hackers to obtain whatever piece of information they want from any laptop that is connected to the internet. This is even worsened by the fact that the strength of a leech transfer depends on the number of donors seeding the same information. The more computers there are sending out the same information at the same time, the easier it is for unauthorized personnel to download the data.

The major threat which the company faces comes from either their competitors or the competitors of the companies they serve. Once competitors notice that this system of laptops is the one being enforced by GCI and getting to know of the vulnerabilities that come with it, GCI will be under constant threat of attempts to breach its security protocol with an aim of getting to that crucial data. Since all the company’s data comes from one central database, in-house sabotage can easily be implemented with disgruntled employees going into the database and maliciously destroying all the important records. Laptops as compared to desktops can be easily stolen. This then goes ahead to pose another threat to the system regarding the safety of the company information. Extracting data from a stolen laptop is much easier than trying to hack into the system in order to obtain the same information. Competitors and other detractors will definitely be on hand to try and get the information they want and they could even go for uncivilized methods including stealing whatever equipment they believe contains the data.

The major proposition to GCI regarding the security of its records, will be to mainly advise the management to consider reverting to the old but reliable system of having all the important documentation of a company stored in only one location from where it can only be accessed by selected individuals. In case it is absolutely necessary that the enterprise maintains this laptop system, then appropriate measures and adequate ‘fire-walling’ should be insisted on. The company should purchase top-end software for protection against external encroachment into the systems. These software should ideally support the function of password protection such that individuals would not enter the system with proper identification. Managerial decisions have to be made regarding who has access to what data depending on their position in the firm. This will provide for accountability because if any information about the company’s finances or those it serves is found to have been leaked to the public or even the competitors, then a particular individual can be isolated to offer an explanation. Company legislation should either be created or if already-existing, be redrafted to encompass the issue of information leakage. The appropriate consequence for actions deemed to put the company’s confidential information at risk should be clearly stipulated and this should be communicated to all levels of management.

The following conditions must be observed when designing a policy statement for a company (Tipton, & Krause, 2007). First and foremost, the policy statement should be picked from rules that have been established to govern the operation of the enterprise. Secondly, the statement should have guidelines that show the company’s basic strategies towards achievement of the said goals. The statement should also clearly state what is expected of the employees of the enterprise while giving clear reasons as to why such expectations are required of the staff. A company policy statement should stipulate the foundation for the preparation and the implementation of the regulations that have been decided upon and should have a provision for accommodation of changes occasioned by professional demands. The policy statement should as well provide for ways of evaluating the performance of both the company and the individuals.

Global Corporation INC.

Data Protection Policy Statement

In recognition of the company’s responsibility to client enterprises, we hold the belief that all the necessary effort should be made to maintain the security of both our company’s and our clients’ financial records.

The materialization of this policy is the combined effort of both management and staff of Global Corporation Inc. (GCI). Cooperation is expected between these two groups in order to ensure that the policy is well adhered to.

The institution shall provide the required software to protect each individual laptop from infringement by hackers. However, all individuals are expected to be extremely vigilant in the protection of company data. All members of staff will be required to sign an agreement detailing what types of data they can gain access to depending on their position in the company.

Software shall be provided to render data unusable should there be an unavoidable breach in security and staffs are expected to report such a breach as soon as they notice it.

Adopted on this _______ day of __________________, 2010

Chief Executive officer: _____________________________

ATTESTED: _____________________________________

Reference List

Pfleeger, P. C, & Lawrence, S.P. (2007). Security in computing. (Volume 4). New Jersey: Prentice Hall.

Tipton, F.H, &, Krause, M. (2007). Information Security Management Handbook, (Volume 2). United States: CRC Press.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2022, March 13). Global Corporation Inc.: Data Protection Policy Statement. https://ivypanda.com/essays/global-corporation-inc-data-protection-policy-statement/

Work Cited

"Global Corporation Inc.: Data Protection Policy Statement." IvyPanda, 13 Mar. 2022, ivypanda.com/essays/global-corporation-inc-data-protection-policy-statement/.

References

IvyPanda. (2022) 'Global Corporation Inc.: Data Protection Policy Statement'. 13 March.

References

IvyPanda. 2022. "Global Corporation Inc.: Data Protection Policy Statement." March 13, 2022. https://ivypanda.com/essays/global-corporation-inc-data-protection-policy-statement/.

1. IvyPanda. "Global Corporation Inc.: Data Protection Policy Statement." March 13, 2022. https://ivypanda.com/essays/global-corporation-inc-data-protection-policy-statement/.


Bibliography


IvyPanda. "Global Corporation Inc.: Data Protection Policy Statement." March 13, 2022. https://ivypanda.com/essays/global-corporation-inc-data-protection-policy-statement/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
1 / 1