Unit #2 – Question 3

Comments

1. Abayomi Aiyedebinu says

   October 12, 2022 at 12:11 am

   Let us assume I am saddled with the responsibility of designing a new Information Security
   Policy and an Acceptable Use Policy.
   According to Charlie Munger ‘knowing what you don’t know is more useful than being
   brilliant’ this is self-explanatory because in this case the Dean is brilliant, yet he did not
   understand the implication of some of his mistakes like not backing up his machine.
   ✓ Importantly, every system or machine belonging to RIT must be backed up
   automatically and not manually because it is a designated personal task and not the
   responsibility of the IT Support team.
   ✓ Periodically the review of sensitive information must be prioritised and not just upon
   event of hazards of whatever form. By this I mean the security (authorizations) must
   be reviewed and beefed up from time to time. So many people do not even know it is
   imperative to change passwords used for a while.
   ✓ Encourage duplication of extremely High priority data and information.
   ✓ Every User must setup a 2-step verification, by this I mean double surety against
   unauthorised invasion.
   ✓ Provision of training, highlighting the pitfalls in disregarding information security
   tips and intelligence and stipulating penalties to enforce responsibility and sensitivity
   on every user.
   Acceptable Use Policy
   This document constitutes RIT’s policy for the proper use of all computing and network
   resources, User privileges, responsibilities, guidelines as well as procedures for RIT computer
   systems and networks.
   All the policies inherent in Appendix 5 is of impeccable standard however, ignorance does a
   lot of evil than good, so it is significant to enlighten the Users, as well as emphasise on the
   penalties apportioned to defaulters to stir up their sensitivity to the importance of these
   policies especially if it is because of negligence

   Log in to Reply