Having security policies is essential for Plankton Games to ensure security of their systems. Plankton should introduce an organisational policy that contains policies in regards to risk management and data protection. The business should comply with regulatory policies such as Access control policy; Antivirus policy; asset management policy; physical security policy. Management should be able to determine what is required to be protected as shown above through the risk assessment and risk register. The management of Plankton Games should understand the laws and regulations it is responsible for. The security policies should outline what employees are expected of in regards to complying with the security policies and the consequences …show more content…
During a security breach that may occur a logging system will allow Plankton to be notified of any negative events that may occur. This can enable the business to gain notification of what is happening within the network such as data being extracted or failures such as power failure or fault within hardware. This would enable the business to track the route cause of the threat. To enable this, being able to assess the environment of the business is essential, such as the assets that need to be monitored and therefore configure notifications and alerts on those assets. (Security Compass, 2018) Being able to collect and archive all logs will allow the business to identify faults and therefore mitigate future threats or trace back to its route, as well as providing regular assessments on the …show more content…
If employees don't have the knowledge on security and its impact, it will greatly affect the business as they may likely be victim of security threats such as phishing. Therefore it is essential Plankton Games are able to train their employees. To ensure this it is of good practice for Plankton Games to ensure that employees are given training on the businesses organisational policies as well ensuring new employees are given training and information on their security policies. By doing this it will ensure new employees will have a good understanding of the security policies and be more aware of being