Corporate Security and IT Policies

From Computing and Software Wiki

(Difference between revisions)
Jump to: navigation, search
Line 16: Line 16:
* Shredders
* Shredders
* Mirrors on monitors
* Mirrors on monitors
-
* Security Cameras
 
-
* Something 1
 
-
* Something 2
 
-
* Something 3
 
==Software Security==
==Software Security==

Revision as of 00:34, 13 April 2009

Corporations need to protect their physical and soft assets in today’s world of thieves and hackers. To do so, they implement IT and Security Policies, which protect their corporations against such attacks. These prevention mechanisms can be split up into three main categories: physical, software, and social (employees).

Contents

Physical Security

Typical security camera used for recording physical perimeter of building[X]

Miniature mirrors are sometimes used on monitors to allow workers using a screen to see what’s behind them. The main purpose of these mirrors is to allow the user to view unwanted eyes from behind viewing confident information on the subject screen.

Security Cards are a common security feature, typically used on all entrances to secured buildings. Usually a public lobby-area with a receptionist is open for visitors, however, access to the remaining parts of the building are secured with a security system which requires authorized employees to swipe security passes to gain access.

Other self-explanatory physical security features include:

  • Locks
  • Cabinet Locks
  • Badge Access
  • Security Cameras
  • Shredders
  • Mirrors on monitors

Software Security

Software security refers to the protection of digital media; it includes hardware necessary to implement software security, such as a computer running the corporate firewall.

A user password policy change window shown in Windows XP[X]

Social Employee Security

Although smaller companies sometimes omit discussion social engineering within their security practices, it is strikingly one of the most important areas to cover. Essentially, this type of security mechanism aims to prevent social engineering.

Companies typically have a statement in their security policy manual such as [X]:

    Don't reveal a password to the boss  
    Don't talk about a password in front of others  
    Don't hint at the format of a password (e.g., "my family name")
    Don't reveal a password over the phone to ANYONE
    Don't reveal a password to co-workers while on vacation 
     
    If someone demands a password, refer them to this document or have them call someone in the Information Security Department.  


Other Security measures

References

Some companies have statements of security as shown here: http://www.total.com/static/en/medias/topic1608/pol-sur-001_security_policy12.pdf

picture: http://www.rsscctv.com/images/P/200x200_tkc215_300%2520WEB.jpg

password change policy: http://support.netmail.sg/images/changepwd_owa2.gif

password Policy: http://www.sans.org/resources/policies/Password_Policy.pdf

http://en.wikipedia.org/wiki/Physical_Security

password change pic: http://www2.cit.cornell.edu/services/systems_support/images/changepassword2.jpg

See Also

Network firewall

Email Security

Fingerprint Authentication

Social Engineering

External Links

Corporate Security

Password Policies

Personal tools