Looking for creative ways to improve security compliance

zephyr

I'm looking for creative and effective ways to improve security compliance at my company. I've done all of the usual things - posters, email reminders, etc. to end users What have you done that was effective? I'm hoping to be inspired!!!

Tags: security
Topic: Networking
Answer this Question

Answers

1 total
dblacharski
Vote Up (24)

I may sound cynical, but I think the best approach is to assume a certain level of laziness on the part of end users. If you assume that people will always take the path of least resistance, you will know from the beginning that there is bound to be use of default passwords, sending sensitive files via regular email, use of unauthorized apps, and other security faux-pas. Starting with that assumption, you have to then assume that "soft" enforcement such as email reminders aren't going to work, and you must instead then look towards implementing technological enforcement. For example, if your policy calls for people to use a certain level of password complexity and to change passwords once a month, lock them out if they don't do so. If your security policy prohibits use of IM on company computers, then block IM at the firewall level.

Ask a question

Join Now or Sign In to ask a question.
A campaign on the Internet is objecting to the exclusion of issues like net neutrality, the cyberweapons arms race and surveillance by the U.S. National Security Agency from the discussion paper of an Internet governance conference this week in Sao Paulo, Brazil.
Users of Google Glass will get to meet and compare their techie headgear this weekend at a spot where appearance is everything.
A Space X Falcon rocket lifted off Friday afternoon for the International Space Station (ISS) from the Cape Canaveral Air Station in Florida.
Although Exadata is Oracle's most popular and mature "engineered system," some customers implementing the database machine are making mistakes that prevent them from getting the most performance out of the expensive product, according to a veteran of many Exadata projects.
Tech workers suing over an alleged no-poaching agreement among Silicon Valley firms are fighting an attempt by defendants to ban evidence that might portray Steve Jobs as a bad guy.
Vendors will tell you that the Internet of Things (IoT) has arrived. We're here to tell you that it hasn't.
Formula One racing and cryptocurrency have nearly nothing in common -- except Suzuka. The home of the Japanese Grand Prix will soon debut Japan's first bitcoin ATM.
The clock may be running out on Mt. Gox, but a consortium of investors still wants to relaunch the failed Bitcoin exchange.
Alibaba's Tmall and Taobao sites already sell everything from clothes and furniture to car tires and medicines. But soon they'll also be offering 3G data and voice call plans as well, the Chinese e-commerce giant said Thursday.
Google did little during its first-quarter earnings report to shush critics who say its Enterprise unit is a second-class citizen in its kingdom.

White Papers & Webcasts

See more White Papers | Webcasts

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+