Safeguarding company data without compromising user productivity has always been a balancing act. This ebook offers do’s, don’ts, and best practices to help you find the middle ground.
From the ebook:
Applying cybersecurity principles within an organization is of critical importance. However, it can be a double-edged sword depending on how you proceed. If your controls are too restrictive and punitive your users will resent jumping through hoops and may even seek ways to circumvent those controls.
On the other hand, if your policies are too lenient, you run the risk of exposing the business to harm and putting your company and its confidential data (and perhaps your own career) in jeopardy.
Here are some first-hand perspective tips on how you can work cooperatively with your users to build appropriate security procedures without interfering with their work—or worse—making them feel like criminals.
List of do’s
Do explain what threats are out there and how to use common sense measures to avoid them.
Do explain why specific restrictions or controls are in place and what you hope to achieve by such requirements.
Do implement sophisticated technological monitoring and alerts to notify you or your cybersecurity team of inappropriate access attempts, unauthorized transmission of confidential data, usage of prohibited applications, and other security threats.
Do formulate an incident response plan and be sure to cover in-house and remote employees and locations.