Five Strategies for Running a Successful Security Program

Posted by Sabrina Sturm Tue, 12 Feb 2013 09:55:00 GMT

There are many working parts to a successful security program. In addition to enforcing formal regulations for mobile worker access and VPNs, it is an enterprise’s best interest to utilize tools that will encourage staff to help keep data safe.

Thank you to CSO Online for publishing a write-up of 77 More Ideas for Running a Great Security Program. We reviewed the list and found the strategies useful for anyone running a security program within an enterprise. Here are 5 strategies we found especially compelling:

#1 - Don’t Forget your Disaster Recovery Plan and Crisis Management Goals

In regards to a disaster recovery plan, it is important to inspect what your most crucial systems are and the effect an outage would have on them. It is also valuable to consider what the total loss would be if a disaster struck, the cost of implementing a contingency plan and whether you are willing to run the risk of NOT having a plan in place. Both disaster recovery plans and crisis management goals should always be regularly communicated to your staff and personnel so everyone’s on board.

#2 - Keep Your Data Encrypted

Always remember that sensitive information requires double-guarded and safe storage. Pre-encrypt your data before sending it to your cloud provider. And most importantly, do not store the encryption key with the data.

#3 - Managed File Transfer

Some of your employees may be looking for the easy way out when it comes to sending large, but sensitive files to one another. Instead of using public services in the cloud where data may not always be safe, implement a managed file transfer system that allows your employees to securely send large files.

#4 - Market the Need for Enterprise Security in Your Office

This is a working part of successful security program that keeps employees educated. Raising security awareness with e-mail reminders and posters can prompt safe practices. Furthermore, while security training sessions may be effective at first, reminders and follow-ups are more successful for the long run.

#5 - Educate Employees on Personal Security Issues

Enterprise data is not the only sensitive information out there. Your employees are also at constant risk for identity theft, e-mail phishing scams and other personal security issues. By informing employees of these risks and how to safeguard their information, they will be more motivated to keep enterprise data safe too.

Try out some of these strategies as they lead the way to the end goal: secure connectivity and safe data!

 

no comments |

You must be registered in order to write comments. To register as a new user click here.

If you're already registered, please leave a comment here

Leave a comment