Everyone Must Be Responsible When It Comes to Information Security

Top management teams often differentiate their departments by area of expertise. Finance is in one silo. Research and development is in another. Sales and customer service are in another. Marketing is in another. And finally, technology is in another. But when it comes to computer security and data security, there are no dividing lines. Everyone is responsible for safe computing.

Ben Rothke, a security expert with more than 15 years of industry experience in the area of information systems security and privacy, wrote a timeless book entitled “Computer Security: 20 Things Every Employee Should Know.”

Ben explained, “The importance of a security strategy cannot be underestimated. In order to have a secure company, security policies must be clearly stated and available, systems and workspaces must be secured, and employees need to understand what potential risk they pose to the company through the use of their desktop computer, accessing the Internet while at work, working remotely, accessing internal applications, and handling sensitive and important corporate data.”

While these rules or concepts may appear obvious to those of us who live in the technology arena and specifically in the infosecurity arena, we can all benefit from the reminders. Without further ado, here are the 20 things all employees must know about computer security:

  • Beware of phishing and spyware
  • Protect your identity
  • Be responsible and be aware
  • Choose your password wisely
  • Practice safe access
  • Protect your work outside the office
  • Reduce email risks
  • Suspect email hoaxes
  • Work wisely with the web
  • Avoid Internet dangers
  • Master instant messaging
  • Use firewalls and patches
  • Use PDAs safely
  • Back up and secure data
  • Manage data wisely
  • Secure your workspace
  • Beware of social engineers
  • Use corporate resources only for work
  • Call the experts when things go wrong
  • Keep things in context

But the reality is that threats will appear. They will continue to threaten the security of corporate data, and IT departments will continue to juggle their everyday infrastructure projects with fixing problems resulting from malware, data loss, and user error. But if all employees, no matter what their business function may be, take the time to become more careful and more thoughtful users, the result will be more secure corporate data.

Connect on Twitter: https://twitter.com/#!/benrothke

Follow Ben’s Blog: https://365.rsaconference.com/blogs/securityreading

About Allan Pratt

Technology and cybersecurity professional with focus on tech news, cybersecurity, networking, infrastructure, data protection, consumer electronics, and social media.