Information Security Policies and Procedures

Information security is a critical factor that all online stores must consider as they undertake their operations. A grocery online store such as Safeways.Come is one example of such a firm that must ensure tight security to its information with the aim of protecting their clients as well as safeguarding business operational issues. Some of the possible risks to the stores include the possibility of leaking client information such as their credit card or payment details (Markgraf, 2016). This risk is likely to occur if the store does not have an adequate method of securing clients payment information online that is fed via their sever. Secondly, the store is likely to face the risk of losing their important information that should not be shared to the public if they do not have a secure server that protects such important organizational information.

If this sample essay on"Information Security Policies and Procedures" doesn’t help,
our writers will!

Trust an expert

The leaders of the organization may have to deal with the trouble of lost payment over there server if they do not use a secure online payment platform. The hackers might spare the clients payment information and I stead steal critical payment data of the store. Most online stores use a shopping cart for clients to use during shopping to make their orders. The company needs to come up with a proper plan to ensure that each customer is able to place their orders and get them as per the placement. Poor planning of placement of orders may lead to confusion in orders placed by clients. The online store may also face the security threat that concerns their online stores (Peltier, 2016). This risk may occur if the leaders do not secure their online store in advance.

Security Policy

Leaders at safe ways require using a security policy that enables the firm to identify the risks that it is likely to encounter. The policy should be concerned with the analysis of factors such as using secure server, securing the firms system and information, ensuring safety to clients critical details and information such as financial details, physical addresses and other information that the organization might require during online transactions (Peltier, 2004). The policy must enable the leaders to formulate an effective method of placing orders and having their products delivered on time. Similarly, the security policy needs to consider payment methods as well as ability to place orders easily. Once the order has been placed, the system should enable the concerned employee to trace the order and ensure that the right goods are delivered to the correct client at the specified time.

The policy will ensure that the leaders are able to identify risks such as breaches in to the system, which might lead to stealing information such as client payment details, payment information and online fund transfer abilities of the firm. Using this policy will also ensure that the leaders are able to iron out possible risk of using unsecure server that might jeopardize system security hence possible hacking by malicious people in and out of the organization. Similarly, they will be able to ensure that all the transaction details are kept within the organization and that any vital information for the company is kept out of reach to any unauthorized persons (Markgraf, 2016). The main goals of the policy if to ensure that the company uses a secure server that starts with https and not just http which is not a secure server. The policy aims to ensure that the online grocery store uses a secure site. They strategy has an objective to ensure that all the clients financial and other information is safe within the firms system and that the organizational information is secured from possible access to unauthorized people.

Potential Legal Issues

Many businesses such as Safeways.com are likely to face some legal issues if they fail to use the correct policies for minimizing risks from their online stores. The first legal issue they might encounter is the lack of using secure server and site, which might lead to damages to their clients. All customers using online services expect their company to have a secure server and site that protects them from any cyber threat that might also affect their lives. On the same note, such clientele believe in the privacy terms and conditions of the organizations, as they know that the privacy clauses protect their information. Therefore, if the company fails to use a secure server, which leads to, threat to their client then the customers will take them to court for client negligence (Peltier, 2016). Customers may also sue the organization based on leaked client information dealing with factors such as payment details and other data that might put their lives in danger from hackers. Similarly, the organization may also face legal issues based on payment problems that arise from them and from their clients. Either they will have to sue a hacker for interfering with their payment options or a client will sue them for the same.

References

Markgraf, B. (2016). How to Create a Security Plan for Your Store Online. Journal of Business .

Peltier, T. (2004). : A Practitioner's Reference, Second Edition. New York: CRC Press.

Peltier, T. (2016). Information Security Policies, Procedures, and Standards: Guidelines for Effective Information Security Management. New York: CRC Press.