PURPOSE Every enterprise needs to establish a plan of action to assess and then recover from unauthorized access to its network. This policy from TechRepublic Premium provides a foundation from which to start building your specific procedures. From the policy: ASSIGN AN INCIDENT RESPONSE TEAM An incident response team should be put together and a …
The post Incident response policy appeared first on TechRepublic.
PURPOSE This Media disposal policy from TechRepublic Premium provides specific instructions for ensuring organization data is properly protected when disposing of old storage media. From the policy: POLICY DETAILS When disposing of damaged, unusable, obsolete, off-lease, decommissioned, old, or end-of-service-life equipment and media, the organization requires that the guidelines outlined herein be followed: Hard drives, …
The post Media disposal policy appeared first on TechRepublic.
This policy from TechRepublic Premium provides guidelines for the appropriate use of electronic communications. It covers topics such as privacy, confidentiality and security; ensures electronic communications resources are used for appropriate purposes; informs employees regarding the applicability of laws and company policies to electronic communications; and prevents disruptions to and misuse of company electronic communications …
The post Electronic communication policy appeared first on TechRepublic.
PURPOSE The purpose of this policy is to provide guidelines for the appropriate disposal of information and the destruction of electronic media, which is defined as any storage device used to hold company information including, but not limited to, hard disks, magnetic tapes, compact discs, audio or videotapes, and removable storage devices such as USB …
The post Electronic data disposal policy appeared first on TechRepublic.
PURPOSE This policy provides termination guidelines, including the process of disabling former employee access, reclaiming company equipment and finalizing payroll/benefits details. It complements our Employee termination checklist, which should be filled out by involved individuals/departments and can be printed or used in electronic format shared with appropriate personnel. From the policy: POLICY DETAILS Access and …
The post Employee termination policy appeared first on TechRepublic.
SUMMARY Risk management involves the practice of addressing and handling threats to the organization in the form of cybersecurity attacks and compromised or lost data. The process of establishing appropriate risk management guidelines is critical to ensure company operations and reputation do not suffer adverse impacts. It’s not an easy process, achieving a sound risk …
The post Risk management policy appeared first on TechRepublic.
PURPOSE This policy outlines guidelines and processes for requesting, obtaining, using and terminating remote access to organization networks, systems and data. It applies to scenarios where employees connect remotely to in-house data centers as well as offsite facilities, such as cloud providers. From the policy: DETERMINING ELIGIBLE USERS Only users with a demonstrable business need …
The post Remote access policy appeared first on TechRepublic.
The Security Incident Response Policy, from TechRepublic Premium, describes the organization’s process for minimizing and mitigating the results of an information technology security-related incident. From the policy: Whenever a user of an organization-provided computer, device, system, network application, cloud service or platform experiences a suspected technology-related security incident, the individual must immediately notify the IT …
The post Security incident response policy appeared first on TechRepublic.
Data in transit means data is at risk if the proper precautions aren’t followed. Data stored inside a securely monitored environment is much less likely to fall into the wrong hands than data exchanged between people and systems. With this in mind, it is essential for company personnel to adhere to firm and clear guidelines …
The post Transmission of sensitive data policy appeared first on TechRepublic.
This policy is designed to help your IT staff guide employees toward understanding and adhering to best security practices that are relevant to their job responsibilities. From the policy: SUMMARY A security policy is only as valuable as the knowledge and efforts of those who adhere to it, whether IT staff or regular users. Understanding …
The post Security awareness and training policy appeared first on TechRepublic.