Blog Posts Tagged with "Policies and Procedures"

0a8cae998f9c51e3b3c0ccbaddf521aa

Defining One Successful Strategy for Enterprise Security

August 20, 2012 Added by:Rafal Los

In far too many organizations leaders and practitioners tell me that the role of Information Security is to protect the organization. Accepting this thinking got us into the predicament where are today, where security isn't everyone's job and only Infosec is thinking about security. This couldn't be more wrong...

Comments  (0)

Ee5e595fc2be8a24327ce7cefe0f7b2c

To Tweet, or Not to Tweet, That is the Question...

August 19, 2012 Added by:Christopher Laing

Activities that threaten your business are the downloading and opening of attachments and Internet files that contain malicious software, and the electronic delivery/distribution of business sensitive information without encryption. This may done either accidentally or deliberately by a disgruntled employee...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Relating Responsibility and Liability: At the Core of BYOD

August 15, 2012 Added by:Rafal Los

Does it make sense to repurpose "security awareness" to be inclusive of corporate and personal responsibility? Should we have users sign agreements that make them aware they are responsible, personally, when bad things happen as a result of their actions? Should there be HR actions against users who are reckless?

Comments  (0)

Bd86d2b4bd72ac0ca847696eec3759f3

Get a BYOD Policy Now

August 09, 2012 Added by:Michelle Drolet

There’s no one-size-fits-all solution. In creating a policy you have to consider what devices to support, how much access to give them, and what kind of budget to allocate. Do you have specific compliance issues? Are you willing to subsidize data plans or device purchases? How do you ensure company data is secure?

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Mobile Security Experts on BYOD

August 08, 2012 Added by:Fergal Glynn

Devices aren’t the main problem in a BYOD strategy: employees are. That’s why BYOD is not just a technical issue. It needs a holistic approach that includes HR, data security and legal stakeholders. Organizations adopting a BYOD strategy should put in place a strategy that includes policies and technical constraints...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Silly Putty and Compliance: Remember It’s Not Always About You

August 08, 2012 Added by:Thomas Fox

This is not the problem where the legal department or compliance department is viewed as the Land of No, inhabited by only Dr. No. It is, instead, the perception that legal or compliance simply institutes requirements without even talking to the people they affect the most, the business unit employees...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

BYOD - Challenges of Protecting Data - Part 4

August 07, 2012 Added by:Rafal Los

When it comes down to it, BYOD is only possible if you've got the basics of data-centric security right. You know, protecting the actual data rather than trying to build elaborate structures around the things that work with that data in order to compensate. Let me explain...

Comments  (0)

9f19bdb2d175ba86949c352b0cb85572

The Unbearable Riskiness of Being Social...

August 06, 2012 Added by:Neira Jones

With social networks transforming the rules of business engagement, many businesses think the biggest risk of social media is the brand and reputational damage that could result from negative interactions or the potential disclosure of proprietary or sensitive information...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

BYOD: Challenges of Protecting Data - Part Three

August 06, 2012 Added by:Rafal Los

BYOD is going to take the many small holes in your environment and drive a semi truck through them... blowing a hole the size of a Buick in what security we have now. And it's not just because BYOD is going to happen whether you like it or not - but because we need to fix this train wreck we call corporate security...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

On Security Awareness Training

August 05, 2012 Added by:PCI Guru

Security awareness training has its place, but it is not a silver bullet. The world is full of risks and a security professional’s job is to minimize those risks and manage the remaining residual risk. This is why security is done in layers, so that when people make that mistake you minimize the impact...

Comments  (0)

5e402abc3fedaf8927900f014ccc031f

Do You Use Foursquare?

August 05, 2012 Added by:Allan Pratt, MBA

If we don’t continue to raise issues about online privacy and security, websites and their companies’ leadership will continue to demand access to our confidential information under the pretense of doing business, or in scarier terms, doing business as usual. One website that causes concern is Foursquare...

Comments  (1)

1b061b1cec6b5898e5326992d9461610

No Infosec Sacred Cows

August 02, 2012 Added by:Dave Shackleford

Most security awareness programs SUCK. I bet the majority of the awareness proselytizers are doing the same old crap with some stupid Web-based Flash thingie that people click through as fast as they can, and a little printout goes in their HR folder. UGH. That doesn’t work, never has, and never will...

Comments  (3)

0a8cae998f9c51e3b3c0ccbaddf521aa

BYOD: Challenges of Protecting Data - Part Two

August 01, 2012 Added by:Rafal Los

Productivity is nice to talk about when you can sit at home and read your corporate email on your tablet, or mobile phone - but what if that device is ridden with malware, or hijacked to be part of a botnet, there are very serious security and productivity implications there. Let's expand on this a bit...

Comments  (0)

Ee5e595fc2be8a24327ce7cefe0f7b2c

A Packet of Risks and a Small Pot of Tea

July 29, 2012 Added by:Christopher Laing

Risks are just circumstances that if they occurred, would have some impact on the business. Naturally risks can potentially disrupt the business, but if identified, planned for, and effectively managed, risks can have a beneficial impact on the business. The key word here is managed...

Comments  (0)

F29746c6cb299c1755e4087e6126a816

Losing Trust: Canadian Data Breach Spotlights Human Error

July 27, 2012 Added by:Kelly Colgan

It’s not just about protecting ourselves from identity theft or fraud like when our account number or government-issued ID numbers are exposed. It’s what I like to call privacy for the sake of privacy. Just knowing that someone could be looking at our personal histories doesn’t sit well with the public...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Is There a Risk in Using My Personal Device for Work?

July 24, 2012 Added by:Robert Siciliano

“Bring your own device” (BYOD) has become widely adopted to refer to workers bringing their personal mobile devices, such as smartphones, tablets and PDAs, into the workplace for use and connectivity. Because your employer is liable for potentially lost data, if you BYOD, plan on giving up some liberties...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »