Continued from page 1
Make presenting your Security Policy part of your new employee orientation procedure. Make sure every employee reads policy, signs and dates a document certifying that it has been read, and then keep signed and dated certification in their respective personnel folder. And every time that your Security Policy is updated, make every employee read it again, and sign and date a document stating that they have read changes.
The types of topics you may want to cover in your company’s Security Policy include but are not limited to:
* What can be loaded onto an employee’s computer from floppy disk or CD
* What personal business, if any, can be conducted on company computer
* Which files or company information is allowed to leave internal network or is allowed to be sent out over Internet
* Who is allowed to install new software and software upgrades onto system, and equally important, who is not allowed to do this
* A password management and password change policy which includes acceptable length of passwords. Provide examples of permissible/non-permissible passwords. Examples of non-permissible passwords might include date of birth, names of pets, nicknames, children’s names, etc.
* Who’s allowed remote access to your network from off-site
* Policies for locking keyboard or using password protected screensavers when an employee’s PC is left unattended
* Who is allowed to attach their laptop or other portable computing device to network and what information they are allowed to upload/download
* Guidelines for vendors and other visitors who may need access to your network while they are on-site.
Whether you have one PC or several networked together, you have a lot of money invested. Protect this critical business asset with an iron-clad Security Policy.
Cavyl Stewart is the author of "135 Hot Tech Tips for Small Business Owners." To Download your free copy, just visit: http://www.find-small-business-software.com/135_tips.php