New Training: Policies for Security
In this 9-video skill, CBT Nuggets trainer Keith Barker explains and describes the types of policies that improve organizational security. Watch this new Cyber Security training.
Watch the full course: Governance, Risk, and Compliance Training
This training includes:
1.2 hours of training
You’ll learn these topics in this skill:
Intro to Policies for Security
Policies About Personnel
Policies and Culture for Learning
Diversity and Security
End of Life Policies
Policies about Change
Quiz and Review
What Security Policies Should an Organization Employ?
At a minimum, every organization should have security policies relating to premises, passwords, device controls, Internet usage and encryption.
Premise security policies detail how individuals can access an organization's buildings. It can include identification procedures and key card controls.
Password security policies detail the controls placed on the creation and usage of passwords and other sensitive credential information.
Device control security policies dictate how employees and authorized third-parties may access an organization's IT infrastructure, such as its computers and networking equipment. It can include how devices are secured and whether individuals can use their own devices to connect to the infrastructure.
Internet usage security policies describe what materials employees may access over the Internet and what programs they should use in order to do it as securely as possible.
Finally, encryption security policies identify how sensitive data, such as Social Security numbers, is encrypted to protect the privacy of information.