Items Tagged with "Policies and Procedures"
June 24, 2012 Added by:Brent Huston
One of the more common rules is to enable the remote wipe and lock feature. This means that if your device was ever stolen or compromised, the IT department can remotely lock the device and then wipe any data from it. And yes, that would include all of your photos as well as other items...
June 22, 2012 Added by:Headlines
The Federal government released The Digital Government Strategy, a 12-month action plan for the deployment of new technology is designed to enable the delivery of digital information and services anytime, anywhere, on any device, safely and securely-throughout the Federal workforce and to the American public...
June 20, 2012 Added by:Thomas Fox
As compliance programs become more mature, you can use the information generated in a risk assessment in a variety of ways to facilitate an overall risk management program. To create an effective risk management system, understand the qualitative distinctions among types of risk an organization faces...
June 20, 2012 Added by:Headlines
"The majority of staff within any organization are trustworthy and honest. But businesses must understand the scale of the threat posed by the small proportion of staff who act dishonestly and defraud their employer and the numerous ways in which an organization can be targeted"...
June 20, 2012
“This strategy is not simply about embracing the newest technology - it is about keeping the DoD workforce relevant in an era when information and cyberspace play a critical role in mission success," said Teri Takai, Department of Defense chief information officer...
June 19, 2012 Added by:Megan Berry
While you still may be debating whether or not to allow employees to use their own smartphones or tables for work, many organizations realize that they may not have a choice. Though it may seem that the risks of unsecured devices are a security nightmare, with the right tools, companies can work BYOD to their advantage...
June 15, 2012 Added by:Electronic Frontier Foundation
The threat posed by the International Telecommunication Union (ITU) is not limited to an outright "takeover" by Russia or China. ITU's vision of Internet policy-making is more like "taking control" than the transparent and bottom-up multi-stakeholder process typically associated with Internet governance...
June 14, 2012 Added by:Headlines
"Though organizations profess a commitment to RBSM... this security practice is still in its infancy. To establish an effective... program, certain barriers need to be addressed. These include securing adequate resources, having employees with the necessary expertise and designating strong leaders..."
June 12, 2012 Added by:Simon Heron
Mobile devices are contributing to improved efficiency and are undoubtedly popular with employees, but they are also inherently vulnerable. To minimise the risks, organisations must develop specific mobile device management policies – and then enforce them...
June 12, 2012 Added by:Thomas Fox
Compliance: One of the most important things is that sometimes you just hit a brick wall. You can carefully plan a strategy, implement the planned strategy and then measure the results, but it can still fall completely flat. In other words, you hit the proverbial wall...
June 10, 2012 Added by:Rafal Los
Good security practices and principles can save your organization money in a real, measurable way, and it can contribute to making more money by getting to market faster, having more clients... so stop thinking of security as a cost center and start thinking of ways to help the business top or bottom lines...
June 10, 2012 Added by:Jeffrey Carr
LinkedIn doesn't have a CSO or CISO, which for a publicly traded company communicates that security is not a priority. Considering they still don't know how this breach occurred and the minimal attention payed to password security, I can't help but wonder how secure the credit card information is...
June 08, 2012 Added by:Stacey Holleran
The traditional password must die. The whole concept is fatally flawed. The sheer volume of attacks should be a wake-up call to anyone utilizing a password (pretty much everyone). Now is the time to practice vigilance and to secure systems, accounts and security applications such as firewalls with Passphrases...
June 05, 2012
Action is required by all organizations to secure their SCADA networks as part of the effort to protect the nation’s critical infrastructure. The President’s Critical Infrastructure Protection Board and the Department of Energy have developed steps to help organizations improve SCADA security...
May 30, 2012 Added by:David Navetta
The settlement bars MySpace from making future misrepresentations regarding the extent to which it protects users’ personal information, requires it to implement a comprehensive privacy program and requires it to undergo biennial, independent, third party privacy assessments for the next 20 years...
May 23, 2012 Added by:Danny Lieberman
If you are a HIPAA covered entity, securing patient data is central to your business. If you are a big organization, you probably don’t need my advice. If you are small to mid-size provider without a large budget, the question is “How can I do this for as little money as possible?”