Sams said: "We had a failure of both policies and procedures. At least one security expert was astonished that a breach could go undetected for so long. The academic side is trying to find a line between maximum flexibility and data security.we...
A good measurement of the success of a company's security policies and practices is when information security is integral to the organisation's culture - for example, when staff dispose of paper by shredding it or putting into a secure storage...
As part of the supporting, improving and extending of established processes, those using the technology need sufficient guidance to make the best use of what it can offer. Of course the user would argue these practices make them more responsive...
The biggest gaps were in guidance on encryption and setting an audit trail for data transfers. Staff found themselves working on a day-to-day basis without adequate support, training or guidance about how to handle sensitive personal data...
Guidance measures such as the PCI directive - aimed at the credit industry - are successful because they a) provide effective and comprehensive methodology to protect data and b) they are enforced. Wicks added: "Policies and procedures should be...
Guidance on establishing the necessary policies and procedures to achieve a good level of security is provided by the ISO 27000 series standards. Government will be focusing its attention now on the information security practices, procedures and...
Did you find this white paper useful? 4 out of 8 users found this white paper useful
White Paper RSS
Download
Register
