IT

Tips to help enforce your corporate security policyA recent report indicates that 93% of security breaches are preventable making it vitally important for companies to develop and enforce a corporate security policy.

What is a corporate security policy?

A corporate security policy states how a company plans to protect its physical and IT assets. But a policy must be enforced for it to work. Enforcing protects a company’s employees, assets, information, integrity and reputation from potential threats.
Most companies have some type of security policy, but it may not be updated regularly. A more likely possibility is that nobody outside the IT department, senior management and external auditors knows of its existence.

Having a corporate security policy is of no use unless all your employees are aware of and abide by its contents. To ensure this happens, here are some tips.

  1. Circulate policy updates as soon as new versions are available, highlighting changes from the previous version.
  2. Distribute the security policy to all staff and capture employee signature to confirm compliance.
  3. Do the same for each new hire.
  4. Monitor activity to ensure compliance.
  5. Incorporate disciplinary procedures for continued non-compliance and BYOD (Bring your own device) policies.
  6. Encourage feedback, questions and suggestions on current security policies.
  7. Hold regular mandatory training sessions to educate employees, particularly when new updates are available.

You may also wish to use graphics perhaps in the form of screensavers, computer screens or even posters to encourage enforcement.

Ensure you explain WHY adhering to the policy is important. If people know and understand why, they are much more likely to follow procedures. They then become part of the solution.

By Trilogy Technologies.