Call Us: 888 641 0500
19
JUL
2011

Security Policies to Address Internal Threat

We hear reports of new data breaches almost daily. While most of them are fairly complex stories, they most always begin at some point with a human “insider” making a mistake. In fact, 2011 could be considered the “Year of the Insider.” From the RSA hack and Sony...
11
JAN
2010

Security Policy Controls for Home-based Employee Access

Attackers follow the weakest link The never-ending battle to secure the corporate desktop against viruses, unauthorized software, and spyware now consumes significant resources for many companies. However, as organizations continue to adopt security best-practices to protect...
11
APR
2009

Effective Security Policy Management – Part 4

4. Targeted User Groups Not all information security policies are appropriate for every role in the company. Therefore, written information security policy documents should be targeted to specific audiences with the organization. Ideally, these audiences should align with...
17
FEB
2009

Ideas for Security Policy Sanctions

In order for written information security policies to have “teeth”, there must be consequences for employees that do not follow policies, and this fact must be documented as part of the published policy. The “sanctions” portion of most security policies...
28
AUG
2007

Required Acknowledgement of Security Policy Changes

Legal precedents are beginning to dictate a new standard for the notification of policy changes to your customers and employees. In the “old days” organizations would post changes to information security policies on the corporate intranet, and perhaps even notify...