Among the threats to any enterprise's carefully thought-out security plan are the staff it is designed, in part, to protect. Try as they might to educate employees, IT teams know all too well that some folks will always intentionally circumvent security protocols or behave carelessly.
In some cases, the result will hardly be of consequence. But when data such as Social Security numbers, credit card numbers, or protected health information (PHI) is protected by state or federal laws, there are usually legally required notifications and potentially fines. In the case of financial transactions, there are also the PCI-DSS rules to adhere to.
Given recent insights into the value of complicated passwords and frequent password changes, your user base may also be getting conflicting information from its corporate IT policymakers on one side and from friends, colleagues, or the Twitterverse on the other. To help you keep your staff in sync with your security policy wishes, our colleagues at Datamation have put together a collection of three central tips that may help you to successfully engage the folks in your community.
Read the full story here.