Essay on Monitoring And Recovering Business Information

1311 Words May 24th, 2016 null Page
Control measure
In order to cover above mentioned vulnerabilities and threads, the studio can consider to apply below methods to protect its confidential information. Following the NSTISSI 4011 Security Model, there are three main steps, which the company needs to consider including: policy, technology, and training & education. Firstly, the policies should be discussed, reviewed then established. Next to technology step, many applications and solutions can be applied and setup to protecting, monitoring and recovering business information. Lastly, the education and training must be taken place to public the policies and guide the usage of appropriate applications to all employees and partners.

• Policy:
Security policies are the central resources of a company to regulate and protect its information by eliminating the common threats and identifying weaknesses. They will not only provide a basement of standards and guidelines for employees and partners, but also help to detect and judge on any inappropriate activities or violations.

The first and also one of the basic requirements for information security is the password strength, and it is even more important within a BYOD-adapted company. Since it can prevent an unauthorized person from accessing to the system by guessing some random and common passwords. A suitable policy, which defines password requirements and expire times, is a must. For instance, HT Studio should define and guide its employees how to create strong…

Related Documents