Problem:
Taking care of information falls to those who own the information to develop ethical guidelines about how to manage it. Treating sensitive corporate information as a valuable resource is good management. Building a corporate culture based on ethical principles that employees can understand and implement is responsible management. Organizations should develop written policies establishing employee guidelines, procedures, and organizational rules for information.
E-policies typically include: Ethical computer use policy, Information privacy policy, Acceptable use policy, email privacy policy, Internet use policy, and Anti-spam policy.
What are security policies or e-policies? Explain three security policies that you would primarily recommend to an organization to have as a minimum and why? How security policies should be implemented in organizations?