Security News

Encryption is vital for securing data, whether in transit or stored on devices. This policy from TechRepublic Premium provides guidelines for adopting encryption technologies for organizational use that have undergone extensive technical review, are not encumbered by patents or copyright and have been proven to work reliably.

The EU General Data Protection Regulation is a comprehensive set of rules designed to keep the personal data of all EU citizens collected by any organization, enterprise or business safe from unauthorized access or use. The GDPR went into effect on May 25, 2018, and the provisions in the law greatly affected the manner in which every business transaction involving EU citizens is conducted.

The purpose of this customizable Social Engineering Awareness Policy, written by Maria Carrisa Sanchez for TechRepublic Premium, is to provide guidelines for preventing, recognizing and addressing social engineering attacks. Regular update of passwords: The company believes passwords serve as the fundamental line of security against unwanted access.

There has been a lot of toxicity in the comments section of this blog. Recently, we're having to delete more and more comments.

The concept of zero trust implies organizations must work under a constant worst-case scenario. The purpose of this customizable policy, written by Ray Fernandez for TechRepublic Premium, is to provide guidelines for organizations to strengthen their privacy and security postures by implementing an efficient zero trust model.

Unsecured USB drives, data files left open on desktops and printouts of confidential documents are just a few examples of items that employees may carelessly leave out when stepping away from their workspaces. The purpose of this customizable Clean Desk Policy, written by Kara Sherrer for TechRepublic Premium, is to provide guidelines for protecting sensitive information and data from unauthorized access when staff are away from their desks.

This is why a network security policy must be in place to create security guidelines for devices that transport and store company data. To protect company data and reputation, it is essential to ensure the network is secured from unauthorized access, data loss, malware infestations and security breaches.

Whether due to resignation, layoff or firing, separating employees from the business is never a pleasant process nor is it always easy. Because many staff members have access to confidential data or company assets, it is critical to utilize a series of detailed and comprehensive steps to complete employee terminations and streamline the experience as much as possible.

Conduct regular security training, especially with staff members who work with sensitive data and with executives who are often the targets of BEC. This should include live instruction, security awareness training videos and testing, and phishing simulation testing that use current, real-world attacks as examples. Finally, gamifying the cyber-aware culture by rewarding the employee with "Most reported emails" or the "Fastest reporter" promotes contributing to the overall security posture of the organization while keeping reporting engaging and fun.

In many ways, data has become the primary currency of modern organizations. PROCEDURES. All unauthorized access to facilities, systems and devices is considered a major breach of security, whether the data involved is classified as restricted or not.