Information Security Resources

by Skeleton Star

We covered Information Security "Basics" in another issue, and thought we'd piggy-back on that with some information regarding the allocation of resources. You need to think about securing the business, and not just the computers and network to fully protect information assets.

Once you have grasped the "Basics", you need to develop the plan to implement your security strategy - that means the allocation of human resources. To achieve greater efficiency and lessen the staffing impact, you need to implement solid hardware and software standards, streamline processes, and define metrics to establish the baseline and continually measure progress.

Then, as mentioned in the "Basics" issue, ...management must also learn to manage "smarter". The multitude of sound business practices required to address the major audit concerns and issues, and the associated workload to do so, mandates that management be imaginative in administering the responsibilities to put the sound business practices initially in place... and to maintain them on an ongoing basis, leadership must allocate the human resources to get it done. It is very important to allocate an appropriate percentage of employees to the information security challenge, especially in the area of technical support.

---

Employee Ranking Tool Companies Do Employee Ranking to Reward Their Best Performers, and to Legally Justify in a Time of Economic Downturn, How Personnel Were Chosen to Be Let Go...

Business Model Package A Business Model, also Known as a Business Plan (three-year or five-year), is a MUST...

---

The following areas need to be staffed / represented / addressed:

• A Chief Security Officer (CSO) should be appointed, or at a minimum someone should be officially designated to be the point person for Information Security... there needs to be a champion.
• Policy development.
• Ongoing employee awareness program.
• Administration, e.g., problem resolution, rights and privileges, customer service.
• Architecture, e.g., security strategy, standards, migration planning, project management.
• Compliance and reporting, e.g., metrics, monitoring, reporting.
• Technical support, e.g., virus control, firewalls, product evaluations, help desk.

Information Security and protection cannot be assured without the implementation of the "BASICS", and the appropriate allocation of the "resources".

---

Skeleton Star is a business whose tagline is: "Providing Business Essentials... Making B2B Easy." Skeleton Star owns and operates several web sites of which the following is key to new entrepreneurs: Business Practices.

The author of this article, at one time, was an IT Staff Auditor for a Fortune 10 company, and later managed the global Information Security Program for the Information Technology organization that supported a Fortune 10 company. Reprinting and republishing of this article is granted only with the above credit included. Permission to reprint or republish does not waive any copyright or other rights.

---

Your Personal Plan This Awesome Video Shows You How To Ceate Your Own "Personal Strategic Plan" For 2008... Get Your New Year Off To A Great Start...

Video Headquarters Connecting Online People With Real-Life Videos... Find The Real Life Videos You Want Here...