What measures should a company take to protect its information and business?
2007-03-13 02:33:42 · 1 answers · asked by CelticMoonGoddess 2 in Computers & Internet ➔ Security
In a nutshell
Strict policies. Business communication networks should not be used for private and entertainment purposes. When employees are allowed to use it for personal use, they only expose the company to possible complaints about spam or even worse, data and information leaks, something that you don't want to land in the hands of competitors. All correspondence must be done by the appropriate persons and only for business purposes.
Proper protection against malware and updated definition files for anti-malware products. One anti-malware product on all PC's on the network for easy maintenance. Allowing employees to use their own anti-malware products beats the idea of centralisation. Regular scanning is also required to ensure that the network is free from any threats that may weaken the security systems from the inside.
The company should employ strict network policies and have proper firewall protection on all computers to prevent the spread of malware and unauthorised login attempts. Administrator rights should only be given to highly trustworthy individuals and each employee should have limited access rights to network resources and data, but enough to allow the employee to deliver his/her duties without unnecessary hindrance or causing counter-productivity. Access rights all depends on the role of the employee. In other words employees should only have access to information relevant to their specific duties or department.
When it comes to monitoring, employees should be aware that all their telecommunication and information use will be monitored. This will automatically discourage employees from abusing corporate information systems. Logs should be periodically checked for improper use and action should be taken against the guilty parties so that employees can realise that the company enforces the rules it makes, it does not only warn, it takes action.
Employers should lead by example and never break the rules themselves. This will make it impossible to enforce these policies.
All this depends on the size of the corporation and some policies and procedures are simply not practical in small organisations.
I hope I answered your question.
http://www.cybertopcops.com/
2007-03-13 09:15:46 · answer #1 · answered by cppgenius 4 · 0⤊ 0⤋