IT | Security

Information Security Best Practices - New Guide

By: Absolute Team | 6/29/2015

Information security, data security, device security – related terms that describe securing critical components of enterprise IT, all required to protect the financial viability and reputation of your organization. If a device or data falls into the wrong hands, the consequences can be catastrophic - lost sales revenue, executive job losses, and in some cases, financial bankruptcy.

With the impact of mobility and the cloud, IT and security teams are increasingly challenged to balance needs to enable the business while also protecting it. The reality is, IT often has limited control over devices and how they are being used, particularly if employees are circumventing controls in order to remain productive. Knowing these challenges, we have put together a best practices guide outlining how to protect your devices, the data they contain, and ultimately your organization.

In our new Information Security - Best Practices Guide, we lay out five goals for better device and data security:

  1. Educate users to protect the business - people are the biggest point of weakness in an organization, either directly compromising data or indirectly proving a weak point for cyber attack. Employees need ongoing education not just on phishing but also on how to be a good steward of business data.
  2. Support the user, not the device - standalone mobile device strategies often make it difficult for IT to effectively monitor security across the organization. Instead, a security profile per user would be consistent across all devices and allow for better risk management and response.
  3. Determine the necessary level of risk and constantly evaluate - the use of monitoring tools and automatic alerts are key to managing and responding to risk.
  4. Secure devices from cradle to grave - implementing controls from the moment a device is procured to the moment it is decommissioned or recycled.
  5. Enable a range of response mechanisms to cater for security incidents - creating a custom set of scenarios and conditions that would trigger a response or alert is key to protecting data effectively. Responses could range from messages to the end user to a full freeze or remote wipe, depending on the circumstances. Having this control could mean the difference between a security incident and a data breach.

Read more about how to achieve better data security with these five goals, detailed in our Information Security - Best Practices Guide. At Absolute, our Persistence technology allows our customers to maintain a connection with each device (computer, tablet, smartphone), regardless of user or location. This connection provides IT with consistent monitoring, device status, incident alerting, and security response options. Learn more at our website.