Glen Kosaka has a feature article on CSO Online entitled “Five Ways to Turn Employees into Security Assets for Protecting Data“. Considering that employees are often the source of data breaches, this is a look at how to turn your employees from security liabilities into security assets. While some data breaches happen as the result of accidents, many are unavoidable.

The 5 recommendations for turning employees into security assets are:

  1. Make data security part of the company culture - getting department managers involved in locating sensitive data & setting access, use & protection policies; training employees for their own use and on ensuring others observe policies
  2. Integrate data leak prevention processes into overall workflow – have policies on data access & tracking that extend to new data, new employees, new departments and for mobile computing (or other new threat vectors)
  3. Make employees feel like security assets, not liabilities – with training and awareness programs
  4. Prevent the temptation to engage in “harmless” policy violations – by clarifying grey areas like taking data offsite, copying or storing data and transporting data
  5. Teach employees about policies while enforcing them – take action quickly and block actions that are not desirable. Have data leak protection technologies to monitor and prevent leaks, but also to educate employees if they try to do something that is against policy.

Read more details about these recommendations here.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • Digg
  • StumbleUpon
  • Technorati