Develop the Strategic Components for an IT Policy

Develop the Strategic Components for an IT Policy
Student’s Name
Instructor’s Name
Course Code: Course Name
Professor’s Name
Date of Submission
Develop the Strategic Components for an IT Policy
Introduction
The IT policy of an organization ensures that information shared and stored with the organization network is protected. The IT management policies and their associated procedures are used limit and control the use of the organization technology. This ensures that only right people or individuals with permission can access the financial, business, and customer information stored within the organization servers. This warrants the necessity of developing strategic components of an IT policy. The goal is to ensure there is secure infrastructure for clients and workers. When policies developed are effective, there is a potential of enhancing productivity, customer satisfaction, and minimize errors, or unauthorized access to business information.
Current Business Status
The current state of the business IT infrastructure reveals that there is poor security for customer data and business information. The network system is vulnerable to data phishing, malware infection, poor encryption, and unsecure servers. These issues can be addressed through a comprehensive network security approach to guarantee safe use of the IT system. Moreover, with a strong and secure organization network, there is enhanced confidence in decisions made by clients (Wu, Straub, & Liang, 2015). The staff and clients can act with confidence because any possibilities of data leakage to unauthorized people is impossible. There will also be minimal risks to customers and the business. The strategic objectives developed are aimed at creating sound, viable, and effective policies that will guarantee customer and employee confidence. The network system will also be protected from malware infection, data phishing, and unauthorized access. In order to address the prevailing challenges within the organization, the following objectives will inform the policy formulation process:
Implement measures to protect customer data and information
Implement measures to protect organization data and information
Protect Customer Data
In order to enhance customer satisfaction and data security, the organization must have measures in place to ensure customer data is protected. Data protection ensures that there is appropriate use of the data or information that customers give to the organization. When customers share information in the IT system of the organization, the utilization of the data must be according to what has been outlined in the agreement. In order to protect customer information from unauthorized use or access, the following strategies will be employed.
Create Customer Accounts
The customer accounts are important because they ensure that data from clients is only accessed through the account or by a back-end staff member. Therefore, the organization will create a portal and open accounts for each client. The account will be protected using cookies to enhance data privacy, customer confidentiality, and integrity of the information shared (Shacklett, n.d.). Another tactic to protect customer accounts is using encryption of the accounts through passwords, secret words, or pin numbers. This ensures that only the person with the right login information can access the account (Federal Trade Commission, 2012).
Install Two-Layer Protection
The second strategy that can be used to protect customer information is installing two-layer authentication for the user accounts. This is an important IT policy or procedures that enhances the security of customer data. One of the tactics that can be employed is using two-factor authentication. This allow the customer to receive a code on their phone that will give them access to information or certain user functions after logging in (Deguchi, n.d.). The second strategy entails the use of face-recognition technologies to confirm user identities. Since most devices are fitted with cameras, this is a proper implement to give users permission into the IT network. This can be through an automated face recognition technology that signs out the account whenever an unrecognized person is per...