DATA PROTECTION SERVICES

Security Best Practices

Security is about people.  More than technology, more than data, security is about people.  The attitudes and resulting behaviors of the employees in your organization will ultimately determine how successful your security initiatives are.  It then becomes your job to make sure each and every person internalizes how critical good security policy is.  That’s where we come in.

Make Best Practices Intrinsic to Your Organization

Our Security Best Practices initiatives help organizations like yours to establish an appropriate set of security policies and procedures and enact a regular training process to make certain each employee understands their role in the security of the company.

Over the years, we have watched as many companies go out and buy the most expensive, multi-layered security infrastructure.  They have locked down their perimeter.  They have encrypted their hard drives.  They’ve done everything that security technology can do.  Yet they failed to consider how the behavior of non-security personnel could impact their wonderful technology solutions.  So when they discovered a catastrophic breach occurred and they traced it to a particular user name and password, they were shocked to find that employee’s credentials written on a sticky note and taped to the monitor in a high-traffic area.  Had that employee embraced the security of the organization, rather than ignore it, the company could have saved hundreds of thousands of dollars in recovery efforts.

Our Best Pracitices Methodology

It is stories like these that have led us to begin offering our Security Best Practices initiatives to our clients.  These initiatives are customized for the each client, but generally follow a pattern similar to the process outlined below:

• Discovery.  We take the time to understand your company culture, business objectives, employee base and existing security strategy.
• Documentation.  Then, starting with our ISO approved templates, we work with you to create your security policies and procedures.
• Awareness Training.  Policies and procedures are worth very little if your employees do not understand them.  So we structure a customized training curriculum that educates your employees and repeatedly updates them to achieve internalization.
• Verification.  Finally, once sufficient training has been provided, we begin a series of controlled tests to evaluate employee behavior and look for gaps in their understanding/acceptance of your security best practices.

Our Security Best Practices initiatives are not intended to trick your employees or create a "big brother" atmosphere in your offices.  Rather, they are intentionally built to underscore how following good security behaviors is a win for the company and for themselves.

Contact us today to discuss how a Security Best Practices initiative would benefit your organization.  We look forward to serving you.