|
Reviewing the company's security procedures
included looking at encryption policies for stored
and transmitted data, and the physical security of
its servers. As an insurance brokerage handling
sensitive client data, security is critical, Silberstein
says.
To tackle data protection projects, she and the IT
executives get together as a team and bring in others
from the company whom they feel could provide
input.
"We'll define what our issues are, where we think
we have gaps or risks, and what we need to close,"
Silberstein says. "If it's urgent or we're trying to close
a gap quickly, we may meet weekly, but more frequently
we set up meetings every other week and
discuss what we figured out or how we closed a gap."
While the IT executives bring the systems expertise
to these discussions, she and others can point
to behavioral issues or what the risk will be from a
people standpoint, she says.
The company fosters a collaborative culture in
which everyone is working to achieve the best outcome,
she says: "We try hard not to build silos."
MATTER OF CIRCUMSTANCE
For Robert Miller, director of human resources at the
Greater Los Angeles County Vector Control District,
contact with information security pros is based on
circumstance. The agency, which has about 100 fulltime
employees, contracts with an information security
expert. It's the largest of five mosquito and vector
control districts in Los Angeles County, serving six
million residents.
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
...
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE] [IMAGE] Crisis Coordination
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
Human resources and security teams work together to prepare the enterprise for the worst.
Disaster recovery planning is a major area where
human resources professionals team up with IT
security pros.
The HR department is often the "conductor" of
the crisis management plan while IT security
teams help HR in ensuring systems remain operative,
information is safeguarded, and employees
can be located, says Paula Harvey, president of
K&P Consulting, a human resources services firm
based in Charlotte, N.C.
"Information technology and HR must work
hand in glove," she says.
In crisis planning, HR works with information security teams, which
tend to fall under IT in the enterprise, and physical security teams,
Harvey says. HR and IT usually work well together, she adds.
"Both departments have spent time proving to companies how useful
they can be and how they can save the company money instead of
being a cost center," Harvey says. "They're kindred spirits."
--MARCIA SAVAGE
[IMAGE]
[IMAGE] [IMAGE] [IMAGE] [IMAGE]
[IMAGE]
[IMAGE]
|
 |
|
