What Is A Security Policy And Who Needs it?

When I was a kid in Brooklyn my mother taught us kids how to be city dwellers. We learned how to walk while being completely aware of all our surroundings, never talk to strangers no matter how much candy was being offered, walk down the street in the opposite direction the cars go, yell fire instead of help and only answer the door only when we heard the secret knock. This in effect was our family’s security policy. A couple of decades later I find myself unscathed with all limbs intact. Mission accomplished. A security policy can work just as well for your business as well.

A written security policy detailing instructions about not sharing passwords with others, locking the computer when leaving their desks and more can go a long way towards preventing data from being improperly accessed. Of course many other security policies can be automatically implemented, such as a change of password policy, restricting sensitive areas to data and programs. Security policies can be centrally managed through a server ensuring uniformity and proper implementation. You can even run a report to see whether any one has been trying to access anything they shouldn’t be.

End of story, there are certain things that are only meant for management’s eyes and not others, but without security policies in place, you can never be sure if that’s truly the case. It does not take a lot of effort but a certain amount of expertise. You may want to consider it if any of your data requires any level of confidentiality. Knock, knock. Does your data know just when to open the door?