PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
October 2003

Implementing security policies to make them stick

It's an infosecurity fact of life: Security policies are generally ignored unless top management explicitly endorses them. But while executive backing is necessary, it's often not sufficient. Successful policy implementation requires genuine buy-in throughout the organization, from top to bottom. Unless users believe the threats are real, the response is appropriate and the consequences of noncompliance are career-limiting, they'll always ignore policy. Let's take a look at a case in which an infosecurity failure literally cost thousands of lives, and what it finally took to make security policies stick. In 1915, the British army knew that crucial information was somehow leaking to the enemy. When they finally figured out that the Germans had developed "sniffer" technology that enabled them to eavesdrop on Allied trench telephone signals that were inadvertently carried through the ground, the British created strict policies limiting the use of electronic communications. These policies were universally ignored, resulting in ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

-ADS BY GOOGLE

Close