| Worth Reading? |
Business as usual? Not anymore
|
|
How many of us are following business practices from five or even ten years ago when it comes to information security? Those practices are no longer enough. Information is a financial asset in the wrong hands, You have to secure it, just as you would cash. The Federal Trade Commission requires that ALL businesses have reasonable measures in place to protect information. You can find the information in the FTC publication, "Protecting Personal Information, A Guide for Business. This publication was made available in March 2007 and clearly outlines what they consider "reasonable measures"
Jenn (better known here as No More Hackers) is a staunch advocate of computer security products, as she markets them. Most businesses are starting to understand the need for computer security which is a good thing. The FTC clearly spells this out under the section on Electronic Security. But that is only a couple of pages out of 28. Reasonable measures consists of quite a bit more than putting protective software on your computer. 1. Take stock Know what personal information you have and where it is. Most businesses have personal information stored in multiple areas and multiple media(computers, Rolodexes, paper files) 2. Scale down Are you keeping outdated information? Do you have more information than you need? Inventory the personal information in your possession separate it into what's necessary and what is not used. 3. Lock It Take that information you need to keep and lock it up. Put paper files in a locking closet or file cabinet. Take the Rolodex off your desk Instead store the information in a slim address book that can be placed in a file cabinet and locked. Get the security software on your computer and use it. Password protect all files. 4. Pitch it That pile of unnecessary information should be properly disposed of, invest in a crosscut shredder and shred it all. Even if you don't think its personal, shred it. It's better to shred something that doesn't have to be shredded than to throw something in the garbage that could be used. 5. Plan ahead Educate yourself and your employee to be more aware of what personal information is. Have a written policy for protecting personal information and a written response policy for security breaches. Make sure your employees train on information security regularly These are just the main points. This booklet does go into some detail so you want to read it for yourself. But understand that the FTC publishing this booklet means there is no gray area on what "reasonable measures" means anymore. They have published what they believe reasonable measures to be. get protected before it happens to you |
 Add to my watchlist
 Top It
|
|
Questions related to this blog
|
Why is information security important? |
Comments (1)
 HP: 810  |
|
||
| Great article. Yes, I do all the above. Happy to see that. The FTC have a great Powerpoint slide show at their site www.ftc.gov/infosecurity
_____________________ Take Forward Steps Daily |
