Advice about how to create and implement security policies and what security policies your business needs

Security policies are an essential component of any security strategy. This topic contains articles which explain why you need security policies, how to create and implement security policies and how to get your employees to read security policies.

Pros and Cons of MySpace in Business

When MySpace was created, it was as a social networking site for people who wanted to connect to long lost friends, stay in touch with family members and meet new people with like interests. After a bit of evolution, the business marketer saw an opening for promotion purposes–but is it beneficial?

Mobile Device Security: Part 1

The ability to “go mobile” is almost a necessity in today’s business environment. Whether you have a simple work cell phone or a Blackberry and laptop, the convenience of having a mobile device for work purposes cannot be overstated. Consequently, securing those devices should not be overlooked.

Overview: Information Classification Labels

Have you ever questioned the sensitivity of a business document? Can I show this to my cubicle mate? Will I get in trouble if I email this to a client? Information classification labels are a great way to baseline your information security policy so everyone is on the same page.

Overview: Physical Security Controls Page 1

In this series, I examine the preventive and detective capabilities of various types of physical security controls, including biometrics, fences, locks, and data backups. In Part 1, I start with a description and purpose of physical controls, followed by a discussion of preventive safeguards.

Introduction to the Just Enough Security (JES) Method of Information Security – Part One Is An Overview Of The Program

Protecting sensitive information and critical systems is a balancing act, balancing constraints with operational effectiveness. This is the first in a series of articles that comprise and introduction to the Just Enough Security (JES) approach to information security. Application of the JES principles provide “reasonable and appropriate” protection for information assets.