New Training: Policies for Security

In this 9-video skill, CBT Nuggets trainer Keith Barker explains and describes the types of policies that improve organizational security. Watch this new Cyber Security training.

Watch the full course: Governance, Risk, and Compliance Training

This training includes:

• 9 videos

• 1.2 hours of training

You’ll learn these topics in this skill:

• Intro to Policies for Security

• Policies About Personnel

• Policies and Culture for Learning

• Diversity and Security

• End of Life Policies

• Data Policies

• Credential Policies

• Policies about Change

• Quiz and Review

What Security Policies Should an Organization Employ?

At a minimum, every organization should have security policies relating to premises, passwords, device controls, Internet usage and encryption.

Premise security policies detail how individuals can access an organization's buildings. It can include identification procedures and key card controls.

Password security policies detail the controls placed on the creation and usage of passwords and other sensitive credential information.

Device control security policies dictate how employees and authorized third-parties may access an organization's IT infrastructure, such as its computers and networking equipment. It can include how devices are secured and whether individuals can use their own devices to connect to the infrastructure.

Internet usage security policies describe what materials employees may access over the Internet and what programs they should use in order to do it as securely as possible.

Finally, encryption security policies identify how sensitive data, such as Social Security numbers, is encrypted to protect the privacy of information.