Looking for creative ways to improve security compliance

zephyr

I'm looking for creative and effective ways to improve security compliance at my company. I've done all of the usual things - posters, email reminders, etc. to end users What have you done that was effective? I'm hoping to be inspired!!!

Tags: security
Topic: Networking
Answer this Question

Answers

1 total
dblacharski
Vote Up (30)

I may sound cynical, but I think the best approach is to assume a certain level of laziness on the part of end users. If you assume that people will always take the path of least resistance, you will know from the beginning that there is bound to be use of default passwords, sending sensitive files via regular email, use of unauthorized apps, and other security faux-pas. Starting with that assumption, you have to then assume that "soft" enforcement such as email reminders aren't going to work, and you must instead then look towards implementing technological enforcement. For example, if your policy calls for people to use a certain level of password complexity and to change passwords once a month, lock them out if they don't do so. If your security policy prohibits use of IM on company computers, then block IM at the firewall level.

Ask a question

Join Now or Sign In to ask a question.
Brocade this week today announced that it has acquired the network visibility and analytics technology assets from privately held Vistapointe in an all-cash transaction.
The inaugural Samsung Open-Source Conference opens Tuesday morning in Seoul, with keynotes from well-known figures in the open source world and a hackathon focused on Tizen, the company's in-house mobile operating system.
The Wi-Fi Direct standard for linking two devices without a LAN is about to get easier to use.
Facebook is releasing mcrouter, its software for turning many cache servers around the world into one distributed system, as open source.
What should happen to your personal digital communications -- emails, chats, photos and the like -- after you die? Should they be treated like physical letters for the purposes of a will?
The collection and analysis of big data holds great promise, but may also lead some companies to create profiles of consumers leading to discrimination, the chairwoman of the U.S. Federal Trade Commission said Monday.
Facebook has partnered with several large companies to kick off a new project called TODO that aims to improve the way open source software is developed and consumed.
Microsoft is eying China with plans to develop more mobile and cloud-based technologies for the country at a new subsidiary in Shanghai, despite the regulatory hurdles the U.S. company has been facing in the country.
Video on-demand service Netflix is expanding in Europe and will soon appear on the set-top boxes of French telecom operator Bouygues Telecom, the operator said on Monday.
New car-pool services sold by ride-sharing companies including Uber and Lyft are illegal in California, according to state regulators.