Before we started, ask yourself the next question:Do I think my data business is secure? what is a data policy?Security policies seem like something that is part of the big companies, but any business, even the smaller one can be a benefit of the implementation of one security policies.These policies come from the knowledge of your own business and create one policy based on what your business needs.
What is a data policy?
Data policy is the commitment to protect all the information that your team create and uses.Here are some points to start:
Internet use
Should you prohibite the internet use at the office? Maybe not, this is a huge tool, but you can the option to block some domains that may cause problems.Some common restricted websites are:* Social media (Facebook, Twitter, Pinterest, Instagram, Tumblr, Reddit, Flickr)* Streaming video/music websites (YouTube, Vimeo, Vevo, Twitch, Pandora, Spotify)* Job-hunting sites (Indeed, Monster, Craigslist, ZipRecruiter, Snagajob)* Shopping (eBay, Amazon, Alibaba, etsy, Overstock)* News (MSN, Yahoo, TIME, USA Today, New York Times, Washington Post, Huffington Post, CNN, Fox, NBC, BuzzFeed, Upworthy, Distractify)* Personal email (Gmail, Yahoo, Hotmail, AOL)* All porn, gambling, and illegal activity websitesAcordindly with the necesities of the Company, you can decide what is working for you and change as necesary.
Security
Create and outline best practiques that the personal must follow whe they use Company devices.-Employeed should never share passwords and must change their passwords often. Also have standars for create passwords ( capital, number, signals).-Create an Schedule to update antivirus.-Never should never open email attachments or links they are expecting or doesnt know the procedence. In case they suspect or something, who should i sent this?-Unless used for business purposes, we recommend disallowing use of social media on company devices. Many instances of malware and phishing happen through social media.
Confidential Data
Your bussiness likely holds a bunch of data, clients, employees, product, services and other details that must be handled correctly.You must start to clasify the importance of the data in the organization, strating there, you will be able to create passwrods, storing and better protocoles to handle this information.
What happen if..?
Is very important to have aplan to action, is something happen what should do?, how should speak to?Include the employees and the people who have access to all the information, the should know what to do or who may the recure in case of something has happened.
You must use you leader approach and make them safe if there is any error. Everyone makes mistakes.Of course, a mistake is a way to diferent for a malicious intent, intentional violations shouldnt be preotected.
Guest Access and Email
If your Company offer Wifi/internet Access, we recomen you create a guest network for this. This will make yo usure guest only have Access to what they need and not your internal information.Email is an inprescendible tool, but also is important to make clear what is for. Are employes allowed to use work email for personal needs?Is very importnat to create a guide that all knows , some persons may be no aware of the many threats that come through email or the web.Know that you know this:Do you think your data bussiness is secure?
