Home > Articles > Security > Network Security

  • Print
  • + Share This
From the author of

Step 1: Gather Information

The first step in this process (as with anything) is to gather the necessary information. Senior management should sit down with members of the IT security staff to collect essentially two categories of information:

  • The information to be presented to the employees

  • The pilot group that will be used to test the system

Identify the Information to Be Presented to Employees

You must clearly identify the information that the program will present to employees. This may include the following:

  • Information security policy

  • Network information that users hold

  • Potential consequences of not protecting that information

  • Information security measures in place

  • Planned information security measures to which users must adapt in the future

  • Existing incident-reporting mechanisms

Identify a Pilot Group Within the Organization

The security program should first be presented to a pilot group drawn from various divisions of the firm, so that feedback from representatives of the intended audience can be used in the development of the program.

Having representatives from different groups will also help determine how to tailor the program for each division. This need will arise because the different divisions have access to different resources, often at various levels of sensitivity. For example, the sales force may need remote access to email, product data, and the firm's intranet. It may be important to provide them with information on using the firm's virtual private network (VPN) and the dangers of network access from potentially insecure locations, such as hotel rooms. The human resources or personnel staff, on the other hand, who access employee records including name, home address, salary history, and performance evaluations, may require special information on the handling of sensitive documents and how to maintain secure physical access to HR file space, given the need to maintain the privacy of this information.

  • + Share This
  • 🔖 Save To Your Account