|
IT
Security Policy: A Must Have
by Blake Britton, Vice
President of Axxys Technologies, Inc.
 I
know we all feel that we do our best when it comes to securing both the
physical and tangible assets of our businesses. Most companies feel that
by simply locking doors, controlling who has keys and alarm codes,
changing passwords, and engaging in other basic security measures they
are doing their best to protect the business. I am not a physical
security officer, or loss prevention specialist, but I do know about
"basic" IT policy and how it can help your business protect its
"information" assets.
So here are the questions of
the day: Does your company have an enforceable IT security policy? Who
is directly responsible for the management and enforcement of this
policy? How often is this policy reviewed and updated?
These are all very serious
questions that every business must answer. In a lot of cases the
"information" businesses possess is one of their most valuable assets.
Password
Change Policy - The simplest form of security
End users need to keep their
passwords secure, updated frequently (minimum 90 days), and have some
form of complexity (minimum characters, upper/lower case, numbers, and
symbols). Be vigilant about letting end users know not to share their
password, or provide it to anyone for use on their behalf. You never
know if a person that has been let go from your company can login
remotely under another end user’s identity and access data. Be vigilant!
Remote Access Policy
It’s a mobile world and we
want to ensure our teams have the ability to work remotely. However, we
need to ensure that the data is secured and that you are aware of
exactly what is being accessed.
Read more |
Happy
New Year and welcome to the seventh edition of the
JW Secure Informer, our bi-monthly newsletter. This
is an opportunity to share what’s on our radar,
specifically with respect to enterprise network
security, but also regarding IT and business more
generally.
