White logo ISGWhite logo ISGWhite logo ISG mobileWhite logo ISG mobile
  • Company
    • About
    • Culture
  • Services
    • R&D Consultancy
    • Global Talent Access
    • Optimized Software Development
  • Clients
  • Careers
  • Insights
  • Get In Touch
  • Company
    • About
    • Culture
  • Services
    • R&D Consultancy
    • Global Talent Access
    • Optimized Software Development
  • Clients
  • Careers
  • Insights
  • Get In Touch
✕

Why You Cannot Wait on Finishing your Information Security Policies

May 6, 2020
Categories
  • AWS Security
  • Security
Tags
     

    Let’s get real for a moment.

    This saying exists for a reason “...it’s not IF but WHEN you will have a security incident

     
     

    A few real-world experiences that will happen:

    • Finance falls for a phishing scam and sends funds to a false account/person
    • A customer reports that they have found their personal information on a common search engine
    • FBI investigators reaching out relating that a bank is stating Credit Card (CC) number skimming has been traced back to your organization
    • A staff member gets their PC encrypted from a ransomware email or worse the ransomware has impacted your server farm
     
     

    The first item that will be requested by both legal counsel and an Incident Response (IR) Investigator are your policies. Information security policies are to describe how the organization wants to protect its information assets. After policies are outlined, standards are defined to set the mandatory rules that will be used to implement the policies. Some policies can have multiple guidelines, which are recommendations as to how the policies can be implemented.

     
     

    A mature security program requires the following policies and procedures:

    • Information Security Policy
    • Access Control Policy (ACP)
    • Acceptable Use Policy (AUP)
    • Remote Access Policy
    • Incident Response (IR) Policy
    • WiFi Policy
    • Social Media Policy
    • Email/Communication Policy
    • Mobile Computing Policy
    • BYOD Policy
    • Disaster Recovery Policy/Business Continuity Plan (BCP)
     
     

    Building and managing a security program is an effort that most organizations grow into overtime.

     
    Share
    0

    Related posts

    July 20, 2020

    How to Choose the Right Security Tools?


    Read more
    July 9, 2020

    Top 5 Hacks


    Read more
    June 30, 2020

    AWS – Security Services Rundown


    Read more

    Get In Touch

    Privacy policy

    © 2020 Intent Solution Group. All Rights Reserved.

    Get Started with Security Services