Multi-dimensional enterprise-wide security: Divide and conquer

This tip is excerpted from Chapter 3 of The Definitive Guide to Security Inside the Perimeter, written by Rebecca Herold and published by Realtimepublishers.com. Read the entire e-book for free.

To be effective, information security leaders must implement an information security strategy to simplify their efforts. To do so, consider each of the components within the multi-dimensional information security issues, divide your security responsibilities throughout the organization, and use automation to simplify and conquer your information security activities and challenges.

Too many times information security practitioners try to take on all the information security tasks themselves. This undertaking is not only unfeasible in most situations but also does not foster the need for all personnel to take responsibility for information security. When everyone is part of the development of information security, as a whole, organizations can then identify tools to address those activities that can be automated. There will be many areas where you can automate some of your information security activities throughout the enterprise (for example, through the use of centralized intrusion detection systems, access logs, antivirus solutions and so on).

MULTI-DIMENSIONAL ENTERPRISE-WIDE SECURITY

  Introduction
  Protection strategies
  Risk assessment and analysis methodologies
  Define risks
  The goal of an information security policy
  Due diligence
  Corporate reputation
  Audit and validation
  Simplifying complexity
  Divide and conquer
  An action plan

ABOUT THE AUTHOR:

Rebecca Herold is currently an information privacy, security and compliance consultant, author and instructor with her own company, Rebecca Herold, LLC. Rebecca has provided information security, privacy and regulatory services to organizations from a wide range of industries. She has over 15 years of information privacy, security and compliance experience. Rebecca was instrumental in building the information security and privacy program while at Principal Financial Group, which was awarded the 1998 CSI Information Security Program of the Year Award.

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Creating a Security Culture Unified communications trigger data leakage dangers, survey finds Security Awareness Training Essential Part of Infosec Program Societe Generale bolsters internal controls, discovers second insider Companies still monitoring email manually, survey finds Trading firms rethink risk strategy I am concerned that a former employee will utilize corporate information in a malicious way. Security, Privacy Offices Must Combine Resources What can be done to block adult images in search engine results? Building information risk management frameworks: Developing controls for people, processes and technology Security Metrics: Replacing Fear, Uncertainty, and Doubt

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Honeynet Project  (SearchSecurity.com) single-factor authentication (SFA)  (SearchSecurity.com) trusted computing  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary