Auditing IT Infrastructures for Compliance, 3rd Edition
by Robert Johnson, Marty Weiss, Michael G. Solomon
Confidentiality Agreements
Employees who work with sensitive information can be both a great asset and a great risk. A person who understands the inner workings of your organization can protect sensitive information or defeat your security controls. Someone who knows your organization could make violations difficult to detect. Contractors who have access to sensitive information can be just as dangerous. How should your organization protect sensitive information from insiders? The answer is to implement a defense-in-depth strategy. Solid access controls and the principle of least privilege are both important, but neither is enough.
Some information leaks occur because of simple ignorance or carelessness. If workers don’t know that information ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access