Internal Policies and Procedures Essay Example | Topics and Well Written Essays - 1750 words

Internal Policies and Procedures - evidence ExampleThe ERP platform is designed and implemented to control majority of the business process in the company. The users in the geographic anyy separated locations like 2 factories and 4 sales offices are connected apply out-of-door connectivity. This also enables the users to interact with the outline in a secure environment to manage workflows.The company is use connectivity through leased lines with direct point-to-point (P2P) connectivity for the factory locations. However, as the sales offices are dispersed across 4 diverse locations, the company is using Internet based connectivity using Virtual Private Networks (VPN) to establish connectivity from these foreign locations to the main server housed in the corporate office.As mentioned above, the network connectivity plays an important role in the palmy usage of ERP package. In order to have an uninterrupted connectivity, it is important to build a secured network as well as ens uring that it is maintained well. (Kadam Avinash, 2001)Review of current networking setup. The current networking setup was build when the ERP package was implemented. The networking firewall configured at the same time. The Anti virus software was installed at the same time as well. Since, then (3 years back), no effort was spent to update the firewall configuration or anti virus software. On the customer privacy perspective, no encryption of customer data is being done which endangering it to be compromised easily. As the sales locations are using VPN, non encrypted data transfer becomes a sitting duck by the hackers who would take to steal the customer data for corrupt intentions. In certain areas, it was observed that some users are using the vendor provided default passwords and there is no password policy to access the network. The Information Technology (IT) is a dynamic field. Numerous new virus, spywares, malwares or web crawlers are being written by hackers all over the world with intentions to bring down the Information systems in any organization. Hence, a constant up-gradation of the IT systems is unavoidable so that any attack on the IT system with a potential to bring the business to a halt or compromise of Customer data can be pro-actively prevented. During unplanned/planned system shutdowns or network outage, the data is transferred by emailing the data packets to update inventory and complete workflows exposing the organizations data to be stolen and misused. (Kutzke Todd, 2009)A policy needs to be developed to ensure the constant up-gradation and testing of networking on unceasing basis so that the system is not susceptible to any possible attacks as well as an access control mechanism needs to be developed for accessing Customer Data by congenital company employees. Suggestions for enhancing the current networking setup. Subsequent discussion with the professionals in the IT department has resulted in following