As an industry professional, you're eligible to receive a printed copy of the journal.

Fill out your address below.






Please reset your password to access the new DRJ.com
Reset my password
Welcome aboard, !
You're all set. We've send you an email confirmation to
just to confirm you're you.

Welcome to DRJ

Already registered user? Please login here

Existing Users Log In
   

Create new account
(it's completely free). Subscribe

‘Security’ is no more a separate thing in an organization. 

The teams can no longer ignore this security aspect, leaving for operations or related teams who were inherently handling that function.

Technology advancements and emerging threats in parallel have filled the gaps among teams calling for a realization that effective results only come with collective efforts.

So, it’s high time for the organizations to think this way to remain secure in the information security (CS) or cyber security (CS) landscape.

Building a robust security posture for an organization doesn’t end with implementing related policies and procedures. It also requires every team involved to be aware of “why security and related policy?”

Unlike traditional procedures, teams shouldn’t wait for operations professionals to train security policies. They should start understanding the risks, possible remedies, and actions required. 

As part of this process, teams may also consider reading through security documentation, undergo self-learning programs and certifications, among others.

Make it a practice to have security considerations in mind while reviewing your documentation or procedures and getting them scanned by cyber or information security professionals.

You may adopt seven practices as a “first line of defense” for your organization’s IT security:

  1. Document Significance

Ensure that the documents you access part of your team’s activity are secure and have all permissions and access controls set to it. Make sure it is up to date with timely upgrades and required security patches. If not, talk to your operations teams about timely backups, access and version control, and storage mechanisms.

Defining significance for a document or a process makes your security teams take appropriate action and set the required security level.

  1. Authentication

Make sure to have an idea of your sign-in procedure: Single sign-on or set a unique password. This is important to support your security professionals in removing access if a password is lost/forgot.

  1. Keep Security Teams Informed

If you get new access to an account, make sure to document what access is given and anything you received without being asked. Another case is when your account is/being moved. Tell them what you need and do not need currently or also after moving.

In the other case of leaving access, let the security team know you do not retain access. Making security teams aware of your actions help them take appropriate actions.  

  1. Limited Access

Also called “least privilege” is the access you need to fulfill your assignment and nothing more. Some think of having additional access (than required) as something exciting. However, you are also getting the additional burden of responsibilities. It is recommended to be mindful of access requests. The best thing to do is to ask what you need.

  1. Transparency

Clear and open discussions about users, workflow, and IT security teams contribute to a safe and secure environment. Make your needs very clear for better ideas and control over permissions. Effective change management policies will add to the robustness of security policies.

  1. Data Loss Prevention

This is one crucial mechanism that is important to prevent data loss by any chance. While limiting access to consumer data is one must practice, having a mechanism in place helps you with more awareness and technical alerts.

  1. Principle of Least Privilege

Unnecessary access to consumer information causes unexpected problems leading to data loss. So, there should be technical controls in place for every employee to avoid such unnecessary access.

Conclusion

Simultaneous validation, robust internal segregation, and third-party contract review are some other crucial methods you may adopt to align with your organizational security policies. Good Luck!

August 12, 2020 – DRJ Academy Introduction

WATCH NOW

August 19, 2020 – Preparing to Reopen: Protecting Employees, Customers, and Visitors

WATCH NOW

August 26, 2020 – Peak Hurricane Season: 9 Tactical Steps to Preparedness

WATCH NOW

September 2, 2020 – DRaaS Playbook: Achieve IT Resilience through Cloud-Based DR with iland and Zerto

WATCH NOW

September 9, 2020 – Situational Awareness – Present and Future Imperatives

WATCH NOW

ABOUT THE AUTHOR

Sai Nikesh D

Sai Nikesh D is a senior content writer at the StealthLabs working on cybersecurity, technology news and other collaterals. A blend of creativity and passion with creative writing skill on a variety of publications related to various content types including technology, business, news, etc.

Successful Disaster Recovery Relies on Fast-Deploying Communication
Nature will always be an unprecedented force to be reckoned with, despite the preparations that governments, enterprises, and non-governmental (NGO)...
READ MORE
Geodiversity: An Essential Part of Any DR Plan, Despite Company Size
We’ve recently seen severe weather conditions worsen in America with the intensity of hurricanes increasing by 10 percent last year,...
READ MORE
What COVID-19 Can Teach Us About Seasonality
COVID-19 is causing a larger shift in many businesses that typical high seasons such as Christmas. While we can learn...
READ MORE
Three Quick Tips to a Successful Disaster Recovery Runbook
A myriad of scenarios can take a business down, risking damage to reputation, regulatory fines, and data loss. It’s key to...
READ MORE