Tips to Help Enforce Your Corporate Security Policy

img-4

A large number of Infrastructure Security Audits show that most security breaches are preventable which is why companies need to not just develop, but also enforce a corporate security policy.

What is a corporate security policy?

A corporate security policy states how a company plans to protect a company's physical and IT assets. Having one isn't enough - enforcing one protects a company's employees, assets, information, integrity and reputation from potential threats, both known and unknown.

Most companies have something resembling a security policy, but they may not be updated regularly. A more likely scenario is that nobody outside the IT department, senior management and external auditors knows of its existence. ISO 27001 requires compliant companies like Trilogy, to enforce corporate security policies and procedures.

Having a corporate security policy is of no use unless all your employees are aware of and abide by its contents. To ensure this happens, businesses can use some of these tips.

Tips to help enforce your corporate security policy

  • Distribute the security policy to all staff and capture employee signature to confirm compliance.
  • Do the same for each new hire.
  • Incorporate disciplinary procedures for continued non-compliance and BYOD (Bring your own device) policies. Here's an article on 5 BYOD security implications and how to overcome them which should help.
  • Circulate corporate security policy updates as soon as new versions are available, highlighting changes from the previous version.
  • Carry out regular mandatory training sessions to educate employees, particularly when new updates are available.
  • Encourage feedback, questions and suggestions on current security policies
  • Monitor activity to ensure compliance.

You may also wish to use graphics perhaps in the form of screensavers, start up screens or even posters to encourage enforcement.

And most importantly, explain WHY adhering to the policy is important. If people know and understand why, it's much easier to get them to follow procedures and then they become part of the security solution. 

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 15 November 2018
If you'd like to register, please fill in the username, password and name fields.

Member Login

Business Insights & Tips

Leaderboard

1
Michael Lane
785 Points
2
Jill Holtz
779 Points
3
Ron Immink
732 Points
4
Fionan Murray
689 Points
5
ContentLive
270 Points
View Leaderboard