Five Warning Signs Your Security Policy Is Lacking
Warning signs of a weak security policy from SunGuard Availability Services.
When I worked for my former employer, I made a switch between departments, but for months, I continued to have access to the information from my former position. I continued to have access to certain databases and other areas long after I left the employer because I still had an active e-mail account and login. I tell this story as an example whenever someone asks me about "easy" security fixes because it seems so obvious (take away any login capabilities the moment an employee leaves the company), yet lax insider security continues to be a major problem.
At RSA, Quest Software released survey results that show just how big the holes are when managing the employee end of security management. A few of the findings include:
One of the issues I frequently heard at RSA was the need for better security education. We can't expect a one-day seminar on security policy or an employee booklet with security regulations to give anyone enough know-how on how to be safer and smarter about security and risk issues. I think the Quest survey shows just how important improved education is.