How should your organisation respond if a cyber security incident occurred?
What is the current process for your employees when setting up passwords to ensure they follow best practice password cyber security measures?
If you don’t have answers to these questions right now, that’s okay, as a cyber security policy can be your organisation’s best friend when it comes to data protection, network security and protecting your sensitive information.
Why create a cyber-security policy in the first place?
Imagine you got a new sports car!
While you know it will be a lot of fun to drive and will help you get from A to B, you also know in the back of your mind that there are risks involved if you don’t follow correct safety procedures.
Well, in this case, the car is your organisation’s network, technology and hardware and the safety procedures will be the cyber security policy you create.
If there is no policy and subsequent safety procedures, then your organisation will encounter many risks and problems.
Key Consideration #1 – How will your organisation set up passwords?
We have spoken about this topic at length so by now, you should know how important this initiative is when it comes to protecting your organisation from cyber-threats.
Within your policy, ensure you answer the following two questions;
- What are the minimum requirements for all passwords that are created?
- How often should employees update their passwords?
Key Consideration #2 – How should employees handle sensitive data?
One of the main aims of any cyber attack is to obtain your organisation’s sensitive data and hold it for ransom.
So now that you know this, within your policy you need to ensure all employees know how to handle sensitive data and information.
Within your policy, make sure you answer the following two questions;
- What are the most secure ways to share sensitive data with trusted colleagues?
- How should data be destroyed when no longer required?
Key Consideration #3 – What will your email security guidelines be?
Phishing is all around us in today’s day and age, however, often it is human error that leads to this malicious cyber-attack succeeding, not the sophistication of the hacker’s code.
Within your policy, you answer the following two questions;
- How can employees check to ensure an email and subsequent attachments are safe to open?
- What is the process to flag malicious spam emails?
Written By: Michael from www.cogniops.com