Shift Focus Back To Policy

Ipswitch warns that companies who focus on quick-fix security tools instead of strengthening and enforcing information security policies risk devastating consequences in 2011.   “Organisations in many industries were hit hard by data breaches in 2010, a trend that’s sure to continue in 2011,” said Frank Kenney, VP of Global Strategy at Ipswitch File Transfer.  “As attacks grow more sophisticated and outsmart many security tools on the market, the most savvy companies will shift their focus to policy creation, management and enforcement to prevent both intentional and accidental data breaches.”

I strongly believe that all solutions to security problems should begin with policy.  The purpose of policy is to outline clearly what is expected and what is prohibited within the corporate environment.  These basic rules should guide employees in maintaining the vision, mission and values of the company.  All other rules, including those found in tool rulesets,  should be based upon and supporting these foundational rules.