Tailored Security Policy

• Goal is to influence behavior

• Need to enable, not just to deny

  • Users can route around controls all too easily
  • Become cost of sales, not just overhead

• Focus on the business needs

  • What data will be handled?
  • How can that data be accessed?
  • What is your organization’s paranoia level?
  • What controls are required on that data?

Previous slide

Next slide

Back to first slide

View graphic version