Blog Posts Tagged with "Policies and Procedures"

59d9b46aa00c70238bb89056cfeb96c0

Napoleon’s Invasion of Russia and Risk Management

June 20, 2012 Added by:Thomas Fox

As compliance programs become more mature, you can use the information generated in a risk assessment in a variety of ways to facilitate an overall risk management program. To create an effective risk management system, understand the qualitative distinctions among types of risk an organization faces...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Insider Threats Confound Enterprise Security Efforts

June 20, 2012 Added by:Headlines

"The majority of staff within any organization are trustworthy and honest. But businesses must understand the scale of the threat posed by the small proportion of staff who act dishonestly and defraud their employer and the numerous ways in which an organization can be targeted"...

Comments  (1)

02a6d0efd54c7388e26f125d8df83671

Is BYOD a Nightmare for IT Security or a Dream Come True?

June 19, 2012 Added by:Megan Berry

While you still may be debating whether or not to allow employees to use their own smartphones or tables for work, many organizations realize that they may not have a choice. Though it may seem that the risks of unsecured devices are a security nightmare, with the right tools, companies can work BYOD to their advantage...

Comments  (24)

7ddc1f3000a13e4dfec28074e9e7b658

Congressional Witnesses Agree: Multistakeholders Right for Internet Regulation

June 15, 2012 Added by:Electronic Frontier Foundation

The threat posed by the International Telecommunication Union (ITU) is not limited to an outright "takeover" by Russia or China. ITU's vision of Internet policy-making is more like "taking control" than the transparent and bottom-up multi-stakeholder process typically associated with Internet governance...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Tripwire Examines the State of Risk-Based Security Management

June 14, 2012 Added by:Headlines

"Though organizations profess a commitment to RBSM... this security practice is still in its infancy. To establish an effective... program, certain barriers need to be addressed. These include securing adequate resources, having employees with the necessary expertise and designating strong leaders..."

Comments  (0)

A88973e7d0943d295c99820ab9aeed27

Fashionable But Vulnerable: Mobile Devices in the Workplace

June 12, 2012 Added by:Simon Heron

Mobile devices are contributing to improved efficiency and are undoubtedly popular with employees, but they are also inherently vulnerable. To minimise the risks, organisations must develop specific mobile device management policies – and then enforce them...

Comments  (0)

59d9b46aa00c70238bb89056cfeb96c0

Pink Floyd’s "The Wall" and Compliance

June 12, 2012 Added by:Thomas Fox

Compliance: One of the most important things is that sometimes you just hit a brick wall. You can carefully plan a strategy, implement the planned strategy and then measure the results, but it can still fall completely flat. In other words, you hit the proverbial wall...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Lies We Tell Ourselves: 5 Misconceptions Infosec Needs to Change

June 10, 2012 Added by:Rafal Los

Good security practices and principles can save your organization money in a real, measurable way, and it can contribute to making more money by getting to market faster, having more clients... so stop thinking of security as a cost center and start thinking of ways to help the business top or bottom lines...

Comments  (0)

296634767383f056e82787fcb3b94864

LinkedIn Failed to Meet Standards or Better Standards are Needed

June 10, 2012 Added by:Jeffrey Carr

LinkedIn doesn't have a CSO or CISO, which for a publicly traded company communicates that security is not a priority. Considering they still don't know how this breach occurred and the minimal attention payed to password security, I can't help but wonder how secure the credit card information is...

Comments  (0)

145dfdfe39f987b240313956a81652d1

It’s Time to Convert from Passwords to Passphrases

June 08, 2012 Added by:Stacey Holleran

The traditional password must die. The whole concept is fatally flawed. The sheer volume of attacks should be a wake-up call to anyone utilizing a password (pretty much everyone). Now is the time to practice vigilance and to secure systems, accounts and security applications such as firewalls with Passphrases...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

FTC MySpace Settlement: Say What You Do and Do What You Say

May 30, 2012 Added by:David Navetta

The settlement bars MySpace from making future misrepresentations regarding the extent to which it protects users’ personal information, requires it to implement a comprehensive privacy program and requires it to undergo biennial, independent, third party privacy assessments for the next 20 years...

Comments  (0)

959779642e6e758563e80b5d83150a9f

How to Secure Patient Data in a Healthcare Organization

May 23, 2012 Added by:Danny Lieberman

If you are a HIPAA covered entity, securing patient data is central to your business. If you are a big organization, you probably don’t need my advice. If you are small to mid-size provider without a large budget, the question is “How can I do this for as little money as possible?”

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Social Media Seeks Control Through TOS Enforcement

May 21, 2012 Added by:David Navetta

So far, social media companies have only sought to squash undesirable behavior on their platforms from third party commercial entities, such as spammers or those seeking password sharing, but in the future such litigation could be viable against individual users...

Comments  (0)

Da9f2c6651b84f7db75ae55d6e372103

Securing Your Company Against BYOD-Created Threats

May 14, 2012 Added by:Ashley Furness

The increasing emergence of Bring Your Own Device (BYOD) policies has both good and bad implications. Here are four strategies your company should implement to keep data secure while supporting employees' choice to use their own laptops, smartphones and tablets in the workplace...

Comments  (3)

099757b145caa6965ea51494adbc25ba

The Importance of Mobile Device Management for Enterprise Security

May 13, 2012 Added by:Drayton Graham

Almost everyone has their own mobile phone these days, nd they are quickly becoming a necessity in business. In order to enable the kind of freedom BYOD brings, the corporate network and data needs to be protected. Mobile Device Management is a solution that will help with this...

Comments  (2)

0a8cae998f9c51e3b3c0ccbaddf521aa

Breached! Now What? Seven Steps to Avoid Failure Panic

May 07, 2012 Added by:Rafal Los

To many organizations, a security breach means a catastrophic failure in security signifying a breakdown in the mechanisms installed to keep the organization secure, and by its very nature represents failure. The problem with this situation is it really represents two failures...

Comments  (1)

Page « < 3 - 4 - 5 - 6 - 7 > »