
Here are some nice corporate security tips from IT experts, found in an article that I read some time ago.
QUESTION: How would an organisation go about designing an effective security awareness programme for its employees?
Every enterprise should have a good enterprise-wide security awareness programme. Its implementation should be an ongoing process, due to changes in policy and emerging threats over time. Segment your audience according to the level of IT savviness. For non-IT staff, the approach used should be interesting so that it is easily understood, absorbed and applied.

Q: How can we convince management of the importance of security?
From my experience, most proposals are prepared from a technology perspective, without providing good business reasons or alternatives for a particular security solution. Ideally, security should be made a business decision rather than a technological decision. If it can be illustrated that the cost of implementing a particular solution is cheaper than the result of not implementing it, then management will make the right decision.

Q: What is management’s role in implementing the security awareness programme?
Management’s involvement is very important, and is often a critical success factor in an enterprise-wide programme. No preferential treatment should be given to management staff because that will defeat the purpose of the programme itself.





