Archive for the ‘Training & awareness’ Category

Make Your Personnel Aware Of Mobile Computing Security Requirements

Monday, June 23rd, 2008

If you don’t encrypt sensitive and personally identifiable information (PII) on mobile computers, you are at very high risk of having that information breached. It seems that laptops practically scream “Take me!” to any potential swindler who happens to pass by. Yet one more of the daily news reports about mobile computer thefts provides a good example of this: “World’s Largest Telco Admits – We Didn’t Encrypt Laptop Data.”
The third section from the June issue of my “IT Compliance in Realtime Journal” discusses why all organizations that use mobile computing devices for business purposes must ensure their personnel know and understand how to use mobile computers in a secure manner. You cannot expect your personnel to know how to safeguard information and mobile computers if you do not provide them with training and ongoing awareness for how to do it!
Here’s an unformatted version; you can download a much nicer PDF version of it with the entire June Journal…

Think and Look Before You Send that Quick Message!

Wednesday, June 11th, 2008

Every month, and sometimes weekly, I see a privacy breach that is a result of a messaging mistake. People need to be more careful about all the types of electronic messages they are sending and not so quick to hit that send button!
Here is the fourth, and final, part of the first article within the June issue of my “IT Compliance in Realtime” journal, “What to Tell Personnel: Messaging Security and Privacy”…

Let Your Personnel Know Their Messaging Boundaries

Tuesday, June 10th, 2008

Here is the third part of the first article within the June issue of my “IT Compliance in Realtime” journal, “What to Tell Personnel: Messaging Security and Privacy”…

How To Create Information Security & Privacy Case Studies

Monday, June 2nd, 2008

Over the years I’ve done a lot of information security, privacy and compliance training and awareness activities: content creation, delivery, tools, and a large variety of other related activities. I’ve found doing case studies to be one of the most effective, and most interesting and popular, types of training activity.
I’ve created dozens, and perhaps even hundreds, of case studies throughout the years. Case studies engage your personnel in thinking in ways that just telling them information cannot do, noticeably change their work habits, and measurably impact their opinions about information security and privacy.
In the third article of the May 2008 issue of my IT Compliance in Realtime Journal, “Creating Effective Case Studies for Information Security and Privacy Training,” I provide direction for how to create effective case studies within any type of organization.
The following is an unformatted copy of the article, without the sidebar information and illustrations; download the PDF version of the article to see those…

Corporate Communications Officers Tying The Hands Of Information Security and Privacy Pros

Tuesday, April 29th, 2008

I’ve been here at the CSI SX conference for the past few days, and I’ve had the great opportunity and pleasure of speaking with a large number of folks while here. I was finally able to meet Ron Woerner in person (nice to meet you Ron!) after communicating with him in the Security Catalyst Community over the past 1+ year.
I love coming to these conferences and just talking with the participants. There is always at least one topic for which I receive enlightenment that I had not considered before. During the past few days I’ve spoken with 4 to 5 people who are responsible for information security, all from highly regulated industries, who all say that, despite their adequate to even generous information security and privacy budgets, some of their most important information security and privacy efforts are being quashed by their corporate communications offices: those responsible for the messages that are sent to personnel throughout the enterprise.

Going Topless…I Like It!

Thursday, April 3rd, 2008

A few weeks ago I was at a meeting for a professional organization I belong to, giving a talk about privacy breach response, and the audience was great; around 40 in attendance, all visibly listening and interested and participating. I love to look and see everyone’s faces as I am talking; seeing if they are confused, in agreement, or otherwise are reacting to the ideas and recommendations I am talking about.
I was around 20 minutes into my talk when someone’s cell phone started ringing…playing a John Philip Sousa march. LOUDLY. I kept talking, and everyone was still listening…trying to listen…but the darn phone kept playing! People then started looking around…and finally I stopped and said, “Does someone need to get that?” One of the folks then reached down and answered it, and then left the room. Quite an unnecessary interruption.

Information Security and Privacy Areas MUST Collaborate For Their Initiatives To Be Effective

Friday, March 14th, 2008

For the past several years I have written often, and given much training, to demonstrate and emphasize the need for information security and privacy areas to collaborate in their efforts. There are just too many topic overlaps between the two areas to NOT work together cooperatively.
Effectively addressing and coordinating Privacy and Information Security initiatives has moved to the top of the list for companies maintaining customer and employee information. However, there are often gaps in communication and collaboration between Privacy and Information Security activities.

Twelve Messaging Risks to Address Now

Monday, March 10th, 2008

The first article within the March issue of my new e-journal, “IT Compliance in Realtime” is “Twelve Messaging Risks to Address Now.”
Here are a few excerpts…

Did You Know This Was National Consumer Protection Week?

Tuesday, March 4th, 2008

Here’s another event related to compliance, information security and privacy to put on your calendar…
This is National Consumer Protection Week (NCPW) in the U.S.
