Secure Florida offers...

  • Security Alerts
  • C-Safe Classes
  • News and Info

create an account

Forgot your password?

Home > Business > Key Security Components

Key Components of Information Security

The following components, compiled by the Florida Department of Management Services, is a list of practices that could help your company on the road to better information security.

  1. Identify your risks.

    Determine what your company’s most critical information assets are, and spend your time and energy protecting what is most important.

  2. Get the CEO involved.

    Good security has to start from the top, with executives who help create a corporate culture that values security.

  3. Put someone in charge.

    Security is a complex job, so make sure someone is in charge of coordinating security efforts.

  4. Develop and implement a security policy.

    Establish guidelines for how your company handles and protects its data — from who makes sure software patches are installed, to how employees access their e-mail on the road, to how often passwords should be changed.

  5. Educate employees and raise awareness.

    Make security awareness an ongoing project. Employees need to understand why their role is so critical.

  6. Have a security audit done.

    Hire an independent third party to evaluate your security posture, and then use the recommendations made by the auditor.

  7. Incorporate physical security into the plan.

    The best security technology in the world will not do any good if a well-meaning employee lets the wrong person into the server room.

  8. Remember internal threats.

    Most attempted hacks come from the outside, but most successful ones start with people who have inside knowledge. Have a process in place to delete user accounts when employees quit or are let go.

  9. Stay tuned in.

    Make sure someone keeps track of new developments in information security, including new vulnerabilities and attacks.

  10. Prepare for the worst.

    Create an incident response plan to help you save time in the event of a security problem. This will lay out who needs to be involved, what their jobs are, and how you will minimize the damage.

  11. To help you determine the best cybersecurity protection for your organization, here is a link to a great resource: Florida's National Campaign for Cyber Hygiene, a low-cost program that any organization can adopt to achieve immediate and effective defenses against cyber attacks. It has a series of downloadable "toolkits" that outline the five elements of the program: Count, Configure, Control, Patch, Repeat.

RSS Feed | About Us | Contact Us | Sign up for The FIPC Dispatch | Sign up for The Beacon | Report a Crime