In the not so distant past, to secure a company a business owner needed locks on the doors, windows, and possibly an alarm system. Not long after, security meant computers and passwords and moving from paper-based transactions to online processes. In recent years, security has expanded and is now more encompassing than ever with the title of Cyber Security. Cyber security, as defined by Merriam-Webster, is the measures taken to protect a computer or computer system (as on the Internet) against unauthorized access or attack. It sounds simplistic; in reality, learning and implementing strategies that meet the business needs and budget can be overwhelming.
Organizations of all sizes are at risk for a compromise, be it a virus on a workstation or data held for ransom. Every business needs to view security as a key building block for continued success. Where to begin?
There are many ways to educate yourself and your employees. Security blogs, videos, and government services are readily available online which can provide insight. Don’t forget to reach out to your business groups and listen to what they are implementing or testing. Do you have an IT partner? Reach out to them for seminars, webinars, or even an assessment to get your security baseline and help for empowering your employees to be security aware.
A security policy is essential. It defines your critical assets and processes for protecting the business and the employee. The policy should be communicated to everyone, and regularly reviewed and updated. Most organizations require that all employees read the policy when hired and then again yearly to maintain familiarity.
The security policy should include information such as:
- Authentication methods
- Definition of confidential information
- What constitutes a security event
- Process for escalation for a possible compromise
Do you need help with a security initiative or an assessment of your security posture? Peters & Associates can help protect your assets with managed services, policy creation, security assessments, security education, and more. Need more information? Email email@example.com. We are happy to help.