Home > Information Security Magazine > Features > CISOs, human resources cooperation vital to security
EMAIL THIS
Information Security Magazine

  CURRENT ISSUE  
  FEATURES  
  COLUMNS  
  HOT PICK & PRODUCT REVIEWS  
  ARCHIVES  
  SUBSCRIBE/RENEW  
  

CISOs, human resources cooperation vital to security
by Marcia Savage
Issue: Jan 2009
printer-friendly
< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   6  |   NEXT PAGE  >

For example, Miller worked with the contractor during a re-organization at the agency. The fiscal officer was slated for replacement, so Miller made a proactive move: "I had his computer backed up before we gave him the news because I didn't want any sabotage to our finance systems."

In litigation issues such as allegations of discrimination or harassment, Miller works with legal counsel and other agency officials to see where electronic evidence might support their position. They might decide, for instance, to pull an employee's emails for a particular time period. If the worker has a company-issued cell phone, they might also pull text messages. He taps the security pro for help in such cases.

In general, employees often don't understand that when they use company equipment to email or surf the Web, all that electronic information can be used as evidence, Miller says. He drafted and received approval from the district's board of trustees for a policy that specifically outlines the organization's rules for proper email and Internet use.

"You have to have a policy in place that explains to people what their limitations on use are," he says. "They have to be fully aware it's discoverable and the boundaries they must stay within. That's for their protection and t...



he employer's protection. The employer has to feel comfortable that people are doing what they're supposed to do when they're online, so security plays a large part there.

"Every human resources person who is involved in the strategic management of their environment needs whatever tools are available to assist the organization in moving forward,"Miller says. "Information security is one of those tools."

At CIGNA, the information protection team works hard to make employees aware of company policies for Internet and email use, says Karen King, employee relations consultant at the Philadelphiabased health services and benefits company.

"When we first opened up the Internet and email to all employees, which we did over time, we saw a spike in the usage of it," she says. "HR, employee relations and information protection worked more closely together to figure out how to handle that and what types of disciplinary actions would be required."

The awareness campaign has paid off and employees are mindful of their Internet use and the need to ensure privacy of sensitive customer data, King says. In the event of a violation, the information protection team sends an email to the employee's manager, who engages employee relations or HR to confer on disciplinary action.

< PREV PAGE   |   1  |   2  |   3  |   4  |   5  |   6  |   NEXT PAGE  >





TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts