Healthcare technology solutions are available through the PC Connection, Inc. family of companies. Call today. 1.800.395.8685
Small to Medium Acute or Ambulatory Facilities
www.pcconnection.com/healthcare
Government Owned and Academic Hospitals
www.govconnection.com/healthcare
Large and Acute Care Centers and IDNs
www.moredirect.com/healthcare
©2015 PC Connection, Inc. All rights reserved. PC Connection, GovConnection, and MoreDirect are registered trademarks of PC Connection, Inc. or its subsidiaries. All copyrights and trademarks remain the property of their respective owners. #178640 0615
Top Four Essentials for Your Security Policy
In an era when security threats morph daily and compliance regulations get more
complex every year, creating a solid and up-to-date security program is crucial.
A good security program must cover your organization end-to-end, line up with
your company’s risk management strategy, and provide all the necessary standards,
guidelines, and policies to enforce the program. It must also be flexible enough to
incorporate ongoing revisions and updates. And it must be enforceable—otherwise,
it’s just an object of employee derision and a waste of time. Below are four critical
attributes of a credible policy.
Don’t Expose Your Organization to Unnecessary Risks
WRITTEN BY STEPHEN NARDONE
1. Create an end-to-end policy (don’t just talk about it).
Research shows that business executives and IT managers alike believe the coordination of a security program across
the organization’s entire data network is essential. Nevertheless, many organizations neglect to include their
whole range of data assets when setting a program and developing policies. End-to-end security means protecting
data from its point of origin, through all points of transit, to its resting point in storage. You need to examine these
points for all of your data, whether they lie on your own servers or in a cloud, and set up measures to address any
potential security gaps. Encryption, authentication, authorization, and other means of access control should all be
included in the policies and spelled out for every type of data. Include information about penalties for violations,
such as revocation of credentials and denial of access, so users can see that the program has merit.
2. Coordinate with risk assessment.
Before you finalize your program, go over your organization’s risk assessment documentation to make sure the program
covers all of the relevant potential hazards identified there, including special risk circumstances and industry-specific compliance
regulations. No two organizations are exactly alike, and while it may be tempting to cut and paste a generic policy
from the internet, as many organizations do, you are doing your own organization a disservice unless you address
your specific risks.
3. Build in a plan for updates and revisions.
Once you have a security program in place, review it regularly to make sure it still meets your needs. The IT department
should keep up with current trends, monitoring news and comparing its own program with competitors’ to make
sure that new threats are addressed. Whenever your organization expands its operations, a review should be done,
both to make sure the current program is up-to-date and to account for any new wrinkles the new business line
may introduce.
4. Make it enforceable.
A security program is useless unless all of its provisions can be enforced. Employees will notice unenforceable
requirements and become frustrated and less trustful of the entire program. You can use a variety of security
compliance tools that formulate policy requirements into a database and monitor compliance across networks, fixing
vulnerabilities as they occur. These systems need to be coordinated with anti-virus software, firewalls, and other
security programs already in place.
About the Author:
Stephen Nardone is Director of Security Solutions and Services at PC Connection, Inc. with over 34 years of
experience in both the government side and the commercial side of the security business. Discover more of
Nardone’s insights on our official blog, Connected, at www.pcconnection.com/NardoneBlog
