In this tutorial you are going to learn about Security Policies in Cloud Computing.
Introduction
Security policies are the formal set of rules which is issued by an organization to ensure that the users are unauthorized to access company technology and information assets.
Management of every organization must consider the policies or the basics of all the information security efforts. Security policy are expensive to execute the information security and it also the most complicated attempt to implement (As a policy should be of equal value to whole organization).
Policy: Policies are the set of guidelines or the instructions of an organization management to prepare and perform different activities.
Standard Policy: Policies are the ones which slowly convert into standards once every one starts following them.
There are various forms, styles and kinds of security policies for different organization, businesses, agencies and universities.
Regulatory Policy
Regulatory policies are security policies that an organization must implement due to compliance, regulation or other legal requirements. Such as companies might be financial instructions, public utilities, or some other type of organization that operates on the public interest.
Regulatory policies will be keeping an eye on the organizations, if they are following the industry standards and policies or not. The policies should be implemented for legal requirements like regulations and compliance.
Advisory Policy
Advisory policy provides communications and implementation of security policies for devices that are managed by the cloud policy services.
Advisory policies are security policies that are not mandated but strongly suggested. Perhaps with the serious consequences defined for failure to follow them (such as termination, a job action warning, and so on).
Advisory policy is mainly used for the communications about the organization’s internal policies and standards for the activities and the behavior. It actually presents security of the organizational leadership and also the problems/consequences if the violation of security policy happens.
What does an Advisory policy do?
Security policies will evaluate the cloud policies configured for the environment and generate a set of recommendations based on Microsoft best practices. Admin can then review the recommendations.
Informative Policy
Informative policies are the policies primarily for the readers. There are not implied or specified requirements, and the audience for this information could be certain internal (within the organization) or external parties
The policy document could be subdivided into different groups such as:
- A high-level information security policy
- A data classification policy
- An acceptable usage policy
- End-user computing policy
- Access control policies.
The acceptable use policy is of extreme importance to the enterprise.
- It is important users understand the risk they can cause the organization by exposing them to things such as virus attacks or the other compromises of the network systems and services.
- It is very common practice to require new employees to sign an acknowledgement before receiving any access information.
This article on Security Policies in Cloud Computing is contributed by Hemalatha P. If you like TheCode11 and would like to contribute, you can also write your article to us. Here is our mail id - thecode11info@gmail.com