How to Draft Effective Security Policies - Absolute Blog | The Leader in Endpoint Visibility and Control | Absolute

IT
Security
Solutions
- Industries
  Distance Learning Solutions Hub for Education
  
  Confidently support your 1:1 remote learning programs with informational resources, actionable data, and essential features from Absolute.
  Visit the Resource Hub
  
  Education
  
  Healthcare
  
  Government
  
  Professional Services
  
  Financial Services
  
  Back
- Use Cases
  Case Study: Duarte Unified School District
  
  See how Absolute's Web Usage capabilities enabled Duarte to control their distance learning programs during the COVID-19 outbreak.
  Read the Case Study
  
  Device Lifecycle Management
  
  Automate Hardware Audits
  
  Automate Software Audits
  
  Improve Helpdesk Efficiency
  
  Find and Fix Vulnerabilities
  
  Enforce Security Standards
  
  Detect Endpoint Risks
  
  Respond to Endpoint Risks
  
  Prove Compliance
  
  GDPR Compliance
  
  Back
- Products
  Resource Center for Remote Work and Distance Learning during the COVID-19 Outbreak
  
  Actionable data and extended functionality to help our customers maintain business continuity.
  View COVID-19 Customer Resources
  
  Visibility See and track all your devices, software, and data - on or off your network.
  
  Control Arm your security team with the ability to remotely remediate endpoint risks immediately.
  
  Resilience Extend Persistence to critical third-party apps, ensuring that they're active and protecting you at all times.
  
  Back
- Back
Platform
2020: The State of Endpoint Resilience™️ Report

Explore the forces driving global trends in endpoint OS and application health, sourced from 8.5 million anonymized Absolute-enabled endpoints.
Get the Report
Partners
Whitepaper: NIST Cybersecurity Framework - Implementation Overview

Use these clear guidelines to implement the NIST's cybersecurity framework within your own organization.
View the Whitepaper
Request a Demo

By: Absolute Team | 4/16/2010

Michael Overly of CSO Online put together a fantastic point-by-point explanation of how to draft more effective security policies.

It's a quick and dirty summation of key points you should consider in your policy creation process. In brief, they include:

The policy should be understandable by all
The policy should explain why it is important - and why all in the company consider it so
The policy should lay out repercussions for failure to comply
Employees should sign the policy
The policy should be reviewed and updated often

Do you have an effective security policy?

To continue with this topic, the FTC also put together a list of 5 key issues your data security plan should address (see the tutorial on their website). This plan only talks about data security - not a comprehensive security policy - but since it was of a related topic, I thought I'd also share their tips!

Awareness: What data is being stored? Where?
Minimize: Only keep data you need.
Secure: Assess your risks and security options.
Trash it: Delete info periodically.
Make a plan: For a data breach & how to deal with it.

Here are some of our past posts on security policies:

Absolute Team

All Posts By This Author

Related Articles

Escalating Risks to Healthcare Data

Absolute Editorial Team - 7/23/2020

- 2 min read

Absolute Software Guide to Understanding HIPAA Compliance

Absolute Team - 6/19/2020

- 4 min read

It Doesn’t Matter What Business You’re In—Regulatory Compliance Matters

Absolute Team - 5/22/2020

View Recent Articles