Aspects Of Computer Security

Security policy

Individually the most important thing you can do to make your data more secure is to establish what is called a security policy. This can be represented by something as simple as a single sheet of paper, with the name of the person responsible for the organisations data and a set of rules he expects everyone to follow, or it can be a weighty manual with all aspects of the systems operating conditions and security protocols together with lists of people responsible for the upkeep of the protocols. The important thing to remember is that the security policy is not the document or documents, they are just the representation of the policy, it is the policy itself that is the important thing. Having said that most serious security policies are written down and distributed throughout the organisation for the simple reason that a policy is no use if nobody knows what it is. It should cover the following areas:- Who is responsible for keeping the data safe What are the main threats What steps are used to address those threats

Index Page < Previous - Next > Significant Risks

© Copyright Andrew Bennett 2006