Navigation
TOP 10 List of Ways to Create a “Security Culture” Within an Organization
Aug 25, 2008

TOP 10 Lists of Ways to Create a “security culture” Within an Organization

Al Decker and Rebecca Whitener, two security experts from Texas technology services company EDS, have compiled a top 10 list of ways to create a "security culture" within an organization. The two say that with security breaches and identity theft on the rise, protecting information is the responsibility of everyone in an organization.

1. Implement a culture of security at the top, including senior management.

2. Offer employees annual training programs.

3. Encourage a clean desk policy. Desks or unlocked offices are targets for information theft.

4. Activate an information classification policy. Creating an awareness of what types of information are "for your company only" can help reduce security breaches.

5. Dispose of information securely: shredders for sensitive information, the trash for other documents.

6. Guard your conversations outside company premises. Remind employees that discussions in public places could leak information.

7. Approach security in multiple layers, including restrictions of physical access to facilities.

8. Make sure employees can answer two vital questions: Would you know a security violation if it occurred? Who would you tell if you learned of one?

9. Don't underestimate the power of social engineering. Employees must realize that any unusual activity should be considered suspicious: unknown people roaming halls, odd requests for information outside of normal business processes, requests for passwords.

10. Ensure that the corporate audit function includes a security policy and practices review.

PREVIOUS POSTS
Jul 25.08 | Ted Hart launches Green Nonprofits organization www.greennonprofits.org

"For years I've heard from nonprofits around the world of their interest to support and protect the environment. Because they did not perceive themselves to be experts, it was unclear what they could do to make a difference and still run a successful nonprofit/NGO. Today, GreenNonprofits, Inc. provides that answer; provides that path for every nonprofit around the world to make significant changes that when combined together will create a powerful force for the greening of this industry." - Ted Hart, CEO

GreenNonprofits was founded to be an accessible source of information about greening your nonprofit workplace, and to be a desktop tool for any nonprofit to become green[er].

As people and corporations around the world become more "green" they in turn expect the nonprofits they support to also take proactive steps to protect the environment. GreenNonprofits will lead the way in helping Nonprofits/NGOs around the world meet this challenge. "Ted Hart, CEO" read more

Jan 14.08 | Convio Security Breach and (PCI DSS) Payment Card Industry Data Security Standards

I find it interesting that I see no mention in any of Convio's follow up information of the required and mandatory Payment Card Industry Data Security Standard's compliance certificate for service providers in our industry. read more

Sep 20.07 | What a Difference a Week Makes!

PCI DSS First Global Community Meeting! read more

Sep 10.07 | PCI DSS! Is The Payment Industry Serious About Getting and Keeping Itself Secure?

The PCI DSS program has been in place in its original incarnation as AIS/CISP since 2001! Why is it then that so few organizations world wide are not compliant? Why is it then that so many service providers are still doing business "flying under the radar screen"??? read more

Nov 17.06 | I’ll Take a Ticket on You Kid!

About 6 pm, Wednesday evening October 25, Jimmy, my dearest friend and mentor, transitioned into heaven to begin the next phase of his life! A time for great sorrow and great celebration! read more

May 26.06 | Big Money, Bigger Lifestyle, Biggest Lies!

You know my two sons consistently tell me that I am too honest to be in business. My consistent reply back to them is nonsense. There is no such thing as being too honest in business. I take great pride in always standing in my truth and knowing that my word can be trusted. read more

May 08.06 | What is Happening with My Opinion?

What is My Opinion? read more

ARCHIVE