[Willy Vazquez]

Companies implement policies to govern how the companies works and what they work for. These policies are the backbone of what makes the company run smoothly. One crucial policy that a company should implement is the Acceptable Use Policy. This policy specifies how employees may use company assets like devices, networks, or other systems. A simple but effective policy any company should is Password and Authentication Policy. This policy is the requirements any password should have when logging into the company network. The policy outlines things like Minimum password length and complexity, regular password changes, and multifactor authentication for accounts higher in the chain. In the event of an attack or the system fails in some way there should be a way to restore lost data or resume function, the Disaster Recovery Policy does this exact thing. Companies should frequently backup their data, this included both incremental and full backups. Some companies implement a BOYD Policy which allows employees to bring their own devices and use those for work. This does come with needed security like a good VPN and the device to be set up correctly to ensure data security.