Sponsor Robert Siciliano as he runs the Boston Marathon for Miles for Miracles, Children's Hospital Boston
ROBERT SICILIANO is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds.

FREE EBOOK

Check here if you're human

Sponsors

Data security policies need teeth to be effective

0
Pin It

Bottom line: If you have a data security policy in place, you need to make sure that it’s up to date and contains all of the necessary elements to make it effective. Here are 10 essential items that should be incorporated into all security policies:

4H1. Manage employee email

Many data breaches occur due to an employee’s misuse of email. These negligent acts can be limited by laying out clear standards related to email and data. For starters, make sure employees do not click on links or open attachments from strangers because this could easily lead to a ransomware attack.

2. Comply with software licenses and copyrights

Some organizations are pretty lax in keeping up with the copyrights and licensing of the software they use, but this is an obligation. Failing to do so could put your company at risk.

3. Address security best practices

You should be addressing the security awareness of your staff by ensuring that they are aware of security best practices for security training, testing and awareness.

4. Alert employees to the risk of using social media

All of your staff should be aware of the risks associated with social media, and consider a social media policy for your company. For example, divulging the wrong information on a social media site could lead to a data breach. Social media policy should be created in line with the security best practices.

5. Manage company-owned devices

Many employees use mobile devices in the workplace, and this opens you up to threats. You must have a formal policy in place to ensure mobile devices are used correctly. Requiring all staff to be responsible with their devices and to password protect their devices should be the minimum requirements.

6. Use password management policies

You also want to make sure that your staff is following a password policy. Passwords should be complex, never shared and changed often.

7. Have an approval process in place for employee-owned devices

With more employees than ever before using personal mobile devices for work, it is imperative that you put policies in place to protect your company’s data. Consider putting a policy in place which mandating an approval process for anyone who wants to use a mobile device at work.

8. Report all security incidents

Any time there is an incident, such as malware found on the network, a report should be made and the event should be investigated immediately by the IT team.

9. Track employee Internet use

Most staff members will use the Internet at work without much thought, but this could be dangerous. Try to establish some limits for employee Internet use for both safety and productivity.

10. Safeguard your data with a privacy policy

Finally, make sure that all staff members understand your company’s privacy policy. Make sure that data is used correctly and within the confines of the law.

Consultant Robert Siciliano is an expert in personal privacy, security and identity theft prevention. Learn more about Carbonite’s cloud and hybrid backup solutions for small and midsize businesses.

About the Author
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.

Similar Posts

  • “BYOD”? Mobile Security Tips for Small Businesses
    Many employees have come to expect that they should be able to use personal smartphones and other mobile devices at the office. This creates problems for IT managers. A company’s IT staff may have a solid grasp on company-issued laptops, desktops, and even mobile phones, but it is almost impossible to control the results when
  • Mobile Device Security in a BYOD World
    In the real world there is little difference between an employer’s issued device and a personal mobile device. The most important difference should be that a digital device issued by your employer requires and should have a “company mobile liability policy”. Businesses generally provide and pay for employee mobile devices, and also strictly dictate what
  • Study Shows 67% of Employees Expose Sensitive Data Outside the Workplace
    IDC, an IT analyst firm, estimates that the mobile worker population could reach 1.3 billion by 2015, meaning, they access workplace data outside the workplace. This is risky because it exposes data to hackers. In fact, the safety of what’s displayed on the computer screen in public is of huge concern. The 3M Visual Data Breach
  • 7 Small Business Social Media Risks
    Many executives are concerned about social media related risks (e.g., data security and ID theft), but far fewer actually have any social media training. A recent survey of executives puts the concerns into four categories: disclosure of confidential information; damaged brand reputation; ID theft; and legal and compliance violations. Another feature that the survey unveiled was that
  • McAfee Mobile Security Delivers at Mobile World Congress
    In Barcelona, Spain on Feb. 27, 2012 McAfee unveils its series of technology advancements that deliver upon its vision of providing comprehensive mobile security and privacy protection for devices, data and apps. McAfee® Enterprise Mobility Management (EMM™) 10.0, available now, includes significant security updates for enterprise customers to enable ‘bring your own device’ practices in the enterprise. With EMM 10.0,

Comments are closed.

Xtreme School

Featured in

Anderson Cooper John Stossel Robert Siciliano Featured in
Browse by Month

Browse by Category