cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Help2Secure
Viewer

Action to secure

What compels your Enduser or customers to follow Security recommendations? Regulations or otherwise?
2 Replies
minidriver
Viewer

Pretty much all of our customers are required to ensure their systems are secure in accordance with government regulations. If it wasn't for requirements like HIPPA, Sarbanes-Oxley, PCI, etc. I imagine an awful lot of companies would just try whatever sounded like a good idea from the last salesman or not bother implementing anything.

Anne
Newcomer I

Regulation here. I’m in banking and having examiners down your throat regularly is the fear factor.

That being said, what keeps them actually doing more than the letter of the law is a robust training and employee involvement program. Many varieties of social engineering tests monthly or more frequently, fun games to “spot” security holes, posters and fliers in the break areas, mandatory testing, involvement with presentations in department meetings, full staff and board meetings. Individual meetings with department heads, executive staff and the board because... and this is the big bit... all of senior management getting involved is the game changer.

If I know other Execs are passing down my info and taking it seriously, everyone does. Getting their buy-in can take time, but it’s necessary to implement a program and see real, long-term results. It’s not just a policy to sign, it’s keeping the culture security-conscious.