Policies and Procedures

Good policies facilitate better security.

Effective policies save you money.

Clear and effective information technology policies ensure the best chance of adoption by your employees and contractors. When written effectively, these policies provide clear guidelines and set the proper expectations to ensure that the human factor isn’t your weakest link.

No matter what security technology and protocols are in place, it’s only as good as the team of people you have running it. Time and time again, an employee’s failure to properly comply with a company’s security policy is a major cause of security breaches. It is therefore critical to not only have the right security infrastructure, but also to ensure you have a clear set of security guidelines employees can understand, implement and follow.

Just like your information technology and security needs, there is no one size fits all approach when it comes to security policies and procedures. Every organization has unique needs. Let Intersec help design security policies that fit your company’s specific needs.

Our policies and policy reviews are based on industry requirements such as PCI-DSS, GLBA, HIPAA/HITECH, etc., and cover both general information and security best practices. Topics covered include:

  • User access rights
  • Acceptable user policies
  • Network design and segmentation
  • System configuration
  • System patching and configuration management
  • Secure application coding
  • Physical and electronic access controls
  • Event logging and review
  • System security testing
  • Firewall configuration
  • Sensitive data minimization
  • Sensitive data encryption (at rest and during transmission)
  • Anti-malware systems
  • File & Data Integrity System Remediation
  • Security log reviews
  • Security information retention
  • Incident & Breach response

 

When it comes to guiding the behavior of your staff and employees, let us help you implement the most effective policies and procedures.