Security diligence makes a difference

Ironclad, well-formulated security and privacy policies are the single most important way that companies can protect their customers and their own assets, but it's far from a one-size-fits-all process. A comprehensive policy consists of four parts: Policy guidelines for employees should help managers identify what data is stored and where, which people and processes access the data, which channels it can be transmitted to, and acceptable destinations. The policy should also provide guidelines for creating hard-to-crack passwords and information on frequent password updating and how to keep passwords private. Physical security should be addressed by spelling out which physical assets are most important to the company, along with strict policies and control systems to monitor them. Finally, a comprehensive policy should stipulate that all patches and updates be automatically and immediately installed.

Read more about protecting your company and its customers:
- read the article at The ChronicleHerald.ca