A user at Digital Innovation Products has been using company network resources to download torrent files onto a USB drive and transfer those files to their home computer. IT tracked down the torrent traffic during a recent network audit. Unfortunately, the company does not have a current policy that restricts this type of activity.
Identify at least two appropriate policies that should be in place to define this type of behavior and the consequences thereof.
Write a brief overview for C-level executives explaining which policies should be added to the company’s overall security policy framework, why they should be added, and how those policies could protect the company.
