One Article Review
| Source |  NoticeBored |
|---|---|
| Identifiant | 449115 |
| Date de publication | 2017-12-13 15:58:28 (vue: 2017-12-13 15:58:28) |
| Titre | NBlog December 13 - IoT & BYOD security policies |
| Texte | Today we've been working on a model policies concerning IoT and BYOD security.We offer two distinct types of policy:Formal information security policies explicitly defining the rules, obligations and requirements that must be satisfied, with a strong compliance imperative relating to management's authority. These are the internal corporate equivalent of laws ... although we go to great lengths to make them reasonably succinct (about 3 sides), readable and understandable by everyone, not just lawyers familiar with the archaic and arcane legal lexicon (such as has heretofore in the present clause been ably demonstrated, m'lud).Informal - or at least semi-formal - Acceptable Use Policies that are more advisory and motivational in nature. These compare pragmatic examples of acceptable (in green) against unacceptable (red) uses to illustrate the kinds of situation that workers are likely to understand. They are even more succinct - just a single side of paper. So, we now have four security policy templates for IoT and BYOD.Although they don't contain huge volumes of content and are relatively simple, it takes a fair bit of time and effort to research, design and prepare them. Part of our challenge is that we don't have a particular organization in mind - these are generic templates giving customers a reasonably complete and hopefully useful starting point that they can then customize or adapt as they wish. Those customers who already have policies covering IoT and BYOD might find it helpful to compare theirs against ours, particularly in terms of keeping them up to date with ever-changing technologies and risks, while also being readable and pragmatic. Having been developing policies for close to 30 years, I've learnt a trick or two along the way!The policies will be delivered to NoticeBored subscribers in January's security awareness module, and are available to purchase either individually or as a suite from us. Contact me (Gary@isect.com) for details. |
| Envoyé | Oui |
| Condensat | for those ably about acceptable adapt advisory against along already also although arcane archaic are authority available awareness been being bit byod can challenge changing clause close com compare complete compliance concerning contact contain content corporate covering customers customize date december defining delivered demonstrated design details developing distinct don effort either equivalent even ever everyone examples explicitly fair familiar find formal four from gary@isect generic giving great green has have having helpful heretofore hopefully huge illustrate imperative individually informal information internal iot january just keeping kinds laws lawyers learnt least legal lengths lexicon likely lud make management might mind model module more motivational must nature nblog not noticebored now obligations offer organization ours paper part particular particularly point policies policy policy:formal pragmatic prepare present purchase readable reasonably red relating relatively requirements research risks rules satisfied security semi side sides simple single situation starting strong subscribers succinct such suite takes technologies templates terms theirs them then these time today trick two types unacceptable understand understandable use useful uses volumes way who will wish workers working years |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.