Good security policies aren’t just a reflection of the man-hours spent developing them. They also make it clear that management understands information security and is interested in having everyone inside the organization do what they can to minimize security-related business risks.
You do have management on board with this stuff, right?
Kevin Beaver is an independent information security consultant, author, keynote speaker and expert witness with Atlanta-based Principle Logic LLC, where he specializes in performing independent information security assessments. He has authored/co-authored seven books on information security including the newly-revised “Hacking for Dummies,3rd edition” and “The Practical Guide to HIPAA Privacy and Security Compliance.” He is also the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. He can be reached at his Web site, www.principlelogic.com.