Protect Your Computer System with a Comprehensive Security Policy

The most difficult part of creating a Security Policy for your business is determining what, exactly, to include in it. Never heard of a Security Policy before? You're not alone. But whether you are the only employee in your company or you have a small staff working for you, you need to learn what a Security Policy is, and then you need to create one.

In much the same way that a personnel policy informs employees of things like vacation time accrual, performance review schedule and other personnel-related issues, a Security Policy informs your employees of the steps that are necessary to keep your company's network and computers secure. The policy is your company's rules and regulations that are enforceable, under law if necessary, if breached.

A Security Policy will include rules and formal procedures that are clearly written and laid out. But most importantly, the information contained must be easy for employees of all levels to understand.

And just as it is with young children, the content of your Security Policy must be enforceable, and it must be enforced consistently. Saying in writing that something is not allowed, then allowing it to happen during regular work hours sends mixed messages to your employees. They won't know what really is right or wrong, which will defeat the whole point of your Security Policy. Inconsistent implementation also leaves you open to legal liability.

Like any good policy, your Security Policy should be regularly updated to reflect today's rapidly-changing business environment. Most of the time, you will be the person making these changes. However, if your company is growing and adding staff, this may not always be the case. Make sure the person responsible for updating your company's Security Policy has guidelines and boundaries, and most of all, make sure you read and approve any changes made by someone else.

Make presenting your Security Policy part of your new employee orientation procedure. Make sure every employee reads the policy, signs and dates a document certifying that it has been read, and then keep the signed and dated certification in their respective personnel folder. And every time that your Security Policy is updated, make every employee read it again, and sign and date a document stating that they have read the changes.

The types of topics you may want to cover in your company's Security Policy include but are not limited to:

* What can be loaded onto an employee's computer from floppy disk or CD

* What personal business, if any, can be conducted on the company computer

* Which files or company information is allowed to leave the internal network or is allowed to be sent out over the Internet

* Who is allowed to install new software and software upgrades onto the system, and equally important, who is not allowed to do this

* A password management and password change policy which includes the acceptable length of passwords. Provide examples of permissible/non-permissible passwords. Examples of non-permissible passwords might include date of birth, names of pets, nicknames, children's names, etc.

* Who's allowed remote access to your network from off-site

* Policies for locking keyboard or using password protected screensavers when an employee's PC is left unattended

* Who is allowed to attach their laptop or other portable computing device to the network and what information they are allowed to upload/download

* Guidelines for vendors and other visitors who may need access to your network while they are on-site.

Whether you have one PC or several networked together, you have a lot of money invested. Protect this critical business asset with an iron-clad Security Policy.

Copyright © 2004 Cavyl Stewart. For help with creating your security policy or to find security software or other small business programs, visit: http://www.find-small-business-s oftware.com/hr-software.html - Also, be sure to check out my Exclusive, 100% free ecourses.

---

Five Steps to Successful Business Succession

The great majority of family businesses in North America are... Read More

Status Quo Pep Talks That Can Threaten Your Leadership

Organizations live and die by results. Yet most organizations get... Read More

Strategic Outsourcing: Testing the Outsourcing Waters and Staying Afloat

Before Gertrude Ederle began her historic swim off of Cape... Read More

Take Your Firm to the Next Level

So you did such a good job in 2003 at... Read More

Cold Water Comments - What They Are and How to Manage Them!

Cold Water Comments - What They Are and How to... Read More

Knowledge Management - Creating a Sustainable Yellow Pages System

How can I "know who knows" None of us can... Read More

Setting a Pitiful Example: Twenty-six Warnings to Heed *

TO: All Parents [and Employers and Managers]From: Your Child and/or... Read More

Meetings: Don?t Just Show Up, Stand Out and Shine

Meetings, whether they're regularly scheduled routines in your company or... Read More

Increasing the Return on Your Training Investment

Insightful leaders and organizations recognize that training is a valuable... Read More

Use Every Weapon You Have

One of the strongest weapons available allows business, non-profit and... Read More

Future Business Success - What Does Good Look Like?

When you know you need to shift up a gear,... Read More

Agendas Make Meetings Productive

Having an agenda template that works well for you, week... Read More

Five Days to More Effective Inventory Management

The litany of headaches related to the implementation and on-going... Read More

Bolster Credibility with Investors--Avoid These Phrases in Your Business Plan

Remember Papa John's commercial on TV with the slogan "Better... Read More

Its a Training Issue!

There's a common phrase used by Organizational Development and Human... Read More

The Punitive Approach to Marginal Performers

MANAGING A MARGINAL PERFORMER: Often a marginal performer, even after... Read More

Instantly Uncover Your Corporate Culture

Best Definition of "Corporate Culture"If you ask 10 people to... Read More

Partnering for Performance

"The difference between a boss and a leader: a boss... Read More

Getting to Consensus

The need to get people in an organization to pull... Read More

To Outsource or Not to Outsource

In these days of restricted head count and tight budgets,... Read More

Tales from the Corporate Frontlines: Providing Career Opportunity

This article relates to the Career Opportunity competency, commonly evaluated... Read More

Are You the Culprit?

Are you a business, non-profit or association manager who pretty... Read More

Holding Effective Meetings Can Be Easier than You Think!

I'm sure you've experienced those typical "headache" meetings! You know... Read More

Biometrics and ?Return On Investment?

At this time of tight budgets, the mantra of business... Read More

ISO 9001 What Records Does My Business Need To Keep?

Which documents must I keep for ISO 9001?In addition to... Read More

What Every Manager Should Know About How to Conduct Successful Training Activities

Whether you are training preschoolers in the classroom or executives... Read More

Hiring Productive Employees: A Checklist for Assessing Their Appeal

The characteristics of job applicants have a strong influence on... Read More

Quality Standards with ISO 9001

Standardizing Quality SystemsThe ISO, or International Organization for Standardization, was... Read More

What Every Manager Should Know About How to Conduct Successful Meetings

Do you announce a meeting and find either no one... Read More

Tap Employee Passion For Business Success

Meriwether Lewis set the stage for the Corps of Discovery's... Read More

Preparing a Budget

Ok, you say, I know I need a budget, but... Read More

Year 2010: Permanent Employees No Longer Required

Jack Welch joined a conference that was held in Duke... Read More

Balancing Power in Outsource Contract Agreements

The practice of outsourcing business processes has long been subject... Read More