Solution Set

New mobility technologies, and the "cloud" create new risks to the security and privacy of data managed by IT.

(3-Dec-10) Consider the plight of the cardiologist affiliated with multiple hospitals. As she travels to each facility to tend patients, she needs the highly sensitive patient information and other similarly sensitive hospital data, as well....

Video

Over 50% of security breaches are a result of end-user error, oversight, and ignorance. IT security training is an effective method of reducing end-user related security breaches. Watch this video and review the other materials in the solution...

Tool

There are many factors that affect an organization's IT security training needs and goals: environment, specific security threats, and end-user perceptions and knowledge. This information is essential to have before you can begin creating your...

Tool

In order to create an effective IT security training program, you must make a series of key decisions based on information gathered during the Establishing Training Parameters phase. Save time and money by using this tool to ensure that those...

Note

Security breaches caused by end-user error can be costly and time consuming. IT security training is a highly effective method of mitigating these threats and their effect on organizations. Info-Tech research shows 45% of companies that perform...

Note

The development and deployment of an enterprise Security Policy that defines the what and how of enterprise security is now mandated by numerous regulatory and industry standards, such as HIPAA and PCI-DSS. The development of a Security Policy,...

Solution Set

This solution set will guide you through the process of developing a policy, vetting it with the business, and getting it implemented.

IT security is often overlooked and misunderstood by enterprises. Many feel that they have nothing worth stealing and any money spent on security is a wasted investment. Understand more about IT security and why it is important in every enterprise.

(4-Dec-09) Humans are the weakest link in any security scheme. Security professionals can do their best to protect systems with layers of anti-malware, personal and network firewalls, biometric login authentication, and even data encryption, but...

IT managers in healthcare have different priorities from their peers in other industries. Specifically, they allocate more resources to support and proportionally fewer to security and design and development. Address the potential problems of...

Human-based deception is one of the most dangerous forms of social engineering. Awareness about this type of attack and its various forms will help make an enterprise more secure. Use this note to learn about the common forms of human-based...

Technology-based deception is the most common form of social engineering. Awareness of this type of attack and its various forms will help make an enterprise more secure. Use this note to learn about the common forms of technology-based...

Social engineering represents one of the most significant threats to IT security. The strongest firewall or the best e-mail encryption program can all be rendered useless if a user can be manipulated into providing data that allows a hacker to...

Template/Policy

The foundation for addressing security threats is a clear set of security policies and standards. Use the "Security Standards Policy Table of Contents" template as a guide to setting up effective enterprise security policies.