There are a number of resources available for us to develop a security policy. One of the best resources I have found is the SANS institute. SANS is the most trusted and by far the largest source for information security training and security certification in the world.
The information used by your staff, the personal information of your customers is valuable and HAS to be protected. In the medical community, HIPAA provides guidelines and rules. In the financial industry, it is FINRA who provides guidance on how to secure information. Any business owner would be wise to have at least a basic security policy to help protect data.
Ignore at your own peril! I recommend taking some time every year to review and update policies for the company and implement the following are basic requirements:
- Yearly risk and vulnerability assessment;
- Managed anti-virus with end point protection for viruses and malware;
- Document who has permissions to client information;
- Train your staff with security awareness training and keep a log;
- Inventory your equipment and the type of data stored in it.
The best plan of action is to have this done at the beginning of the year in order to have time to resolve areas of concern during the year. Contact us to schedule a quick call and see what makes sense for your company.
For those who are more self-sufficient, the following document has excellent points that any business owner can use to create, implement and secure a policy:
You can also implement our basic Cybersecurity Subscription to meet some of the core requirements with a very affordable option.
Don’t go at it alone, we are always available for a call or visit.
Luis Delgado is a father, husband, community resource, speaker, and entrepreneur who founded The Critical Update, inc (TCUINC) in 2003. TCUINC is a technology consulting firm that has evolved from basic computer support to affordable technology consulting, network management, outsourced IT and cybersecurity. Our clients come from every industry in Central Texas.
Luis is a certified HIPAA professional and is focused on helping business owners create more jobs for Texas families.