PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
July 2005

All Aboard!

Policy & Process To gain buy-in and support for your security policies, it's best to start at the top. A clearly written security policy that's supported by management, properly implemented by technical staff and complied with by users is the dream of every security manager. The real world, though, is a bit different. When asked by Information Security what's making their jobs harder, 58 percent of security managers pointed to user ignorance and policy noncompliance. Close behind were business units ignoring risk and threats (51 percent), and the lack of management buy-in and support (43 percent). Security polices aren't something that are written and put on a shelf to collect dust. They're living, dynamic documents that should embody the mission and operations of the enterprise. That means how the policy is created, implemented, communicated and enforced is just as important as what the policy says. Bridging the gap between policy intent and policy practice isn't difficult. Like most things in security, it's about process. ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

  • Mission Impossible

    Seven ways to leverage your infrastructure against spyware.

  • All Aboard!

    To gain buy-in and support for your security policies, it's best to start at the top.

Columns in this issue