Evaluation of Security Policies
Security policies are used by organisations in order to ensure that certain regulations and
precautions are followed. The importance of this is that if the policies are adhered to, they may
greatly reduce the risk of a potential threat or issue within the organisation. These policies may
cover most or all aspects of the organisation, from customer and employee information to the
handling of illegal matters.
As previously mentioned there are various policies that an organisation may need to consider in
order to prevent or reduce the potential of a threat affecting operations. The following is an
evaluation of possible policies that the Shenanigans organisation may consider implementing.
Handling of customer and employee information. This policy is vital in ensuring the integrity and
reputation of an organisation. This is achieved by limiting the availability/accessibility of
customer/employee information. By limiting the accessibility of this information, it is less susceptible
to malicious attacks or the use of this information for personal gain.
Health and safety policies are crucial within any organisation. An organisation that has failed to
implement an effective policy for health and safety may be liable to prosecution in the event of an
injury or illness related to the working environment. The policy also aims to prevent any danger to
the employees in the first place.
Procurement of goods, especially counterfeit goods, can have a serious impact on an organisation.
This impact can be seen in both security and legal implications. Shenanigans may be susceptible to
this as a threat due to the various software and hardware used during the development of a project.
It is therefore important to ensure that an appropriate policy is in place that may control the
procurement of goods within the organisation as well as limit the possibility of legal prosecution in
the event that counterfeit goods were accidently or unknowingly procured.
Acceptable usage of assets by staff. This policy would be most applicable in an organisation where
members of staff can perform numerous actions on hardware or software, this may be true for
Shenanigans as they are a relatively small organisation with limited staff performing multiple tasks. If
any of these actions were illegal and conducted on the organisations property, the organisation
could be held liable. This policy aims to prevent these actions from having any negative impact on
the company but rather the staff member(s) involved.
Computing passwords policies aim to ensure the creation and use of strong, well protected
passwords within the organisation as well as the frequency in which passwords are changed. This
policy should maximise the security of passwords used and minimize the possibility of misuse and
theft. Shenanigans, as a games development company would require such a policy as many projects
and assets such as proprietary software, intellectual property, and in-house design software (such as
custom physics engines and the like). As passwords are the most common form of authentication in
most system, a policy such as this is vital for the security of a system.
Security policies are used by organisations in order to ensure that certain regulations and
precautions are followed. The importance of this is that if the policies are adhered to, they may
greatly reduce the risk of a potential threat or issue within the organisation. These policies may
cover most or all aspects of the organisation, from customer and employee information to the
handling of illegal matters.
As previously mentioned there are various policies that an organisation may need to consider in
order to prevent or reduce the potential of a threat affecting operations. The following is an
evaluation of possible policies that the Shenanigans organisation may consider implementing.
Handling of customer and employee information. This policy is vital in ensuring the integrity and
reputation of an organisation. This is achieved by limiting the availability/accessibility of
customer/employee information. By limiting the accessibility of this information, it is less susceptible
to malicious attacks or the use of this information for personal gain.
Health and safety policies are crucial within any organisation. An organisation that has failed to
implement an effective policy for health and safety may be liable to prosecution in the event of an
injury or illness related to the working environment. The policy also aims to prevent any danger to
the employees in the first place.
Procurement of goods, especially counterfeit goods, can have a serious impact on an organisation.
This impact can be seen in both security and legal implications. Shenanigans may be susceptible to
this as a threat due to the various software and hardware used during the development of a project.
It is therefore important to ensure that an appropriate policy is in place that may control the
procurement of goods within the organisation as well as limit the possibility of legal prosecution in
the event that counterfeit goods were accidently or unknowingly procured.
Acceptable usage of assets by staff. This policy would be most applicable in an organisation where
members of staff can perform numerous actions on hardware or software, this may be true for
Shenanigans as they are a relatively small organisation with limited staff performing multiple tasks. If
any of these actions were illegal and conducted on the organisations property, the organisation
could be held liable. This policy aims to prevent these actions from having any negative impact on
the company but rather the staff member(s) involved.
Computing passwords policies aim to ensure the creation and use of strong, well protected
passwords within the organisation as well as the frequency in which passwords are changed. This
policy should maximise the security of passwords used and minimize the possibility of misuse and
theft. Shenanigans, as a games development company would require such a policy as many projects
and assets such as proprietary software, intellectual property, and in-house design software (such as
custom physics engines and the like). As passwords are the most common form of authentication in
most system, a policy such as this is vital for the security of a system.
