Company Safeguards

Getting Down to Basics

  • Obtain support for information security from senior management.
  • Do not waste resources protecting that which does not require protection.
  • Identify which information should be protected and for how long.
  • If extremely sensitive, material should be hand-carried or transmitted using encryption techniques.
  • To dispose of sensitive material, shred or make it unreadable.
  • Valuable company information must not be left unattended in hotel rooms. This includes hardcopy and computer disks
  • E-mail and voicemail passwords must be protected and changed frequently.
  • All sensitive materials must be removed from conference rooms and chalkboards and whiteboards erased after meetings.
  • Where possible, conduct background investigations on all individuals with access to sensitive information.
  • Obtain nondisclosure agreements from employees, vendors, and others with access to proprietary information.

Taking the Next Step

  • Determine the monetary/competitive value of your information.
  • Develop information safeguarding guidelines that are practical and user friendly
  • Get user input and buy-in when developing an information security program.
  • Ask knowledgeable employees what should be protected; they know the market and the competition.
  • Form a partnership with the organization's legal and information systems departments to better address information security issues.
  • identify and get the cooperation of senior stakeholders in key areas, such as technology, finance, personnel, and marketing.
  • Train and periodically remind-from the first day of work through the exiting process--the appropriate people why certain information needs protection and of the guidelines used to protect it. 
  • Work with management to decide what access will be given consultants, subcontractors, and joint-venture partners.
  • Partner with the legal department and others to develop a process to review employee publications, such as papers and speeches including those to be placed on the Internet.
  • Ask new employees if they are obligated under any confidentiality or nondisclosure agreements.
  • Use annual performance reviews to remind employees of their obligations.

Always Remember

  • The disgruntled employee is the greatest threat to your organization.
  • Telephone conversations, both fixed and mobile, are vulnerable to intercept.
  • Information regarding the movement of your company aircraft, including routes and destinations, is available for sale on the Internet.
  • Be knowledgeable of your organization's physical assets, information assets, and vulnerabilities.
  

EED Co, Inc.
313, Avenue "J"
Brooklyn, New York  11230
Phone: (718) 338-2640
E-mail: info@spyneeds.com
www.spyneeds.com
www.antibug.cc