Protect Your Computer System with a Comprehensive Security Policy

The most difficult part of creating a Security Policy for your business is determining what, exactly, to include in it. Never heard of a Security Policy before? You're not alone. But whether you are the only employee in your company or you have a small staff working for you, you need to learn what a Security Policy is, and then you need to create one.

In much the same way that a personnel policy informs employees of things like vacation time accrual, performance review schedule and other personnel-related issues, a Security Policy informs your employees of the steps that are necessary to keep your company's network and computers secure. The policy is your company's rules and regulations that are enforceable, under law if necessary, if breached.

A Security Policy will include rules and formal procedures that are clearly written and laid out. But most importantly, the information contained must be easy for employees of all levels to understand.

And just as it is with young children, the content of your Security Policy must be enforceable, and it must be enforced consistently. Saying in writing that something is not allowed, then allowing it to happen during regular work hours sends mixed messages to your employees. They won't know what really is right or wrong, which will defeat the whole point of your Security Policy. Inconsistent implementation also leaves you open to legal liability.

Like any good policy, your Security Policy should be regularly updated to reflect today's rapidly-changing business environment. Most of the time, you will be the person making these changes. However, if your company is growing and adding staff, this may not always be the case. Make sure the person responsible for updating your company's Security Policy has guidelines and boundaries, and most of all, make sure you read and approve any changes made by someone else.

Make presenting your Security Policy part of your new employee orientation procedure. Make sure every employee reads the policy, signs and dates a document certifying that it has been read, and then keep the signed and dated certification in their respective personnel folder. And every time that your Security Policy is updated, make every employee read it again, and sign and date a document stating that they have read the changes.

The types of topics you may want to cover in your company's Security Policy include but are not limited to:

* What can be loaded onto an employee's computer from floppy disk or CD

* What personal business, if any, can be conducted on the company computer

* Which files or company information is allowed to leave the internal network or is allowed to be sent out over the Internet

* Who is allowed to install new software and software upgrades onto the system, and equally important, who is not allowed to do this

* A password management and password change policy which includes the acceptable length of passwords. Provide examples of permissible/non-permissible passwords. Examples of non-permissible passwords might include date of birth, names of pets, nicknames, children's names, etc.

* Who's allowed remote access to your network from off-site

* Policies for locking keyboard or using password protected screensavers when an employee's PC is left unattended

* Who is allowed to attach their laptop or other portable computing device to the network and what information they are allowed to upload/download

* Guidelines for vendors and other visitors who may need access to your network while they are on-site.

Whether you have one PC or several networked together, you have a lot of money invested. Protect this critical business asset with an iron-clad Security Policy.

Copyright © 2004 Cavyl Stewart. For help with creating your security policy or to find security software or other small business programs, visit: http://www.find-small-business-s oftware.com/hr-software.html - Also, be sure to check out my Exclusive, 100% free ecourses.

In The News:

pen paper and inkwell


cat break through


Creativity and Innovation Management ? Money Doesnt Do It

Creativity can be defined as problem identification and idea generation... Read More

Measuring Creativity, DIY style

Creativity measurement is often required in order to benchmark existing... Read More

Appraisal Systems - Not Living Up to Their Objectives

Almost, if not all organisations have them, they've been around... Read More

Joint Accountability: Another Key for Your Effectiveness

I once was part of a group of management professors... Read More

The Business Shaman: Exploring the Mystery of Success!

Note: This article was written for a internet business site.... Read More

Making Assumptions - A Critical Communication Mistake In Business And In Your Personal Life!

We draw conclusions about people through observation, their behavior, past... Read More

Creativity and Innovation Management: Generating Better Ideas

Creativity can be defined as problem identification and idea generation... Read More

Offshore This! (Outsourcing Tech Support Overseas)

So I call my telephone company and someone picks up... Read More

How to Reject a Job Applicant

A Nightmare That Really HappenedOver 10 years ago, when I... Read More

How To Hire Superstars

Can a person's behavior and values really determine if they... Read More

What We Have Here Is A Failure To Communicate

Today's successful organizations are the ones which carry on open... Read More

Its a Training Issue!

There's a common phrase used by Organizational Development and Human... Read More

Unravelling the Data Mining Mystery - The Key to Dramatically Higher Profits

Data mining is the art of extracting nuggets of gold... Read More

Rules for Running a Meeting

As an experienced manager, I can announce without a doubt... Read More

Listening Strategically

Usually, we're most interested in communicating outwardly; getting our messages... Read More

What Makes a Good Appraisal Interview?

WHAT MAKES A GOOD APPRAISAL INTERVIEW?Here is a tip for... Read More

Are Your Meetings Smart?

Soon after I finished a brief seminar on how to... Read More

What Consultants Want You to Know (But You Never Ask)

I've been both a CEO and a consultant, so I've... Read More

Re-Discovery Procedures for Building Effective Management Systems: Phase V

Now we turn the corner to our final phase: Re-Discovery.Last... Read More

The Fairness of Office Politics... Integrity and Political Motivation!

I hear many complaints daily about the "unfairness" of politics... Read More

Organizational Structure, Creativity, Innovation

Organizational structure can inhibit or foster creativity and innovation. The... Read More

Drafting an Employee Manual Sample Outline

One of the hardest things I had discovered running my... Read More

Executive Performance -- Whos to Blame for Incompetent Managers?

A recent article in the Wall Street Journal raised the... Read More

People Are Our Most Important Asset!

How many times have you heard or uttered this phrase... Read More

Creativity and Innovation Management - Turning Ideas into Action

The phrase "turning ideas into action" is a Russian doll.Managing... Read More

Turning a Negative Employee Into a Positive Asset

Several years ago, I took over the supervision of a... Read More

Five Tips for Analyzing an Income Statement

In today's article, we'll be looking at the income statement,... Read More

Why All Managers Are Alike

Because, like you I suspect, they have key target audiences... Read More

Are you NICE or do you CARE?

Are you NICE or do you CARE? ... Read More

Why Free Agent Thinking Is Good For Your Company

It's no secret! Day after day the news is riddled... Read More

Another Use for Meetings

Every meeting is a laboratory where you can observe and... Read More

Jack Welch--Success Is Getting Back Up on the Horse

A few months ago I had the opportunity to spend... Read More

Effective Ways to Give Performance Feedback

Consequences of Not Giving Effective FeedbackLet's take a look at... Read More