Whether you manage policies manually or use automated tools, it is imperative to get your policies and systems in sync.
 |
|
|
|
|||
|
|
|
|
|||
| ||||||
| ||||||
Requires Free Membership to View
SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!
Michael S. Mimoso, Editorial Director
|
|
|
||||
|
More information from our sister site SearchSecurity.com
Attend our live webcast on June 22 at noon ET and learn smart strategies for evaluating policy management tools. Learn how security policy tools can help – and hinder – SOX compliance efforts. |
||||||
| ||||||
|
|
|
|
|||
| ||||||
| ||||||
In a way, your information security operation is like a crew boat. It operates most efficiently and effectively when everything is in harmony. To make sure the metaphorical oars all hit the water at the exact same time, you need to establish some rules. Forget about a coxswain; sound policies and strong management systems steer your crew.
Part of managing risk requires periodically evaluating your policies and your enforcement program, and updating the guidelines and technology that ensure employee and system adherence to them. Similarly, vendors now offer products that can convert policies into specific configuration criteria and commands.
Policy management isn't just a matter of good practice--today's regulatory requirements make it an imperative. You can create and manage policy manually, or you can turn to automated tools that implement controls enabling them to adhere to various regulations. Either way, by taking steps to ensure policies are established and managed consistently, you can steer swiftly through threats of security breaches, regulatory glitches and failed audits.
This was first published in June 2006