Personnel issues

Most cybercrime is successful due to the actions of people that work for the company, and therefore we need to set up policies to mitigate against any attack. Let's look at some of the personnel security issues facing the security team:

  • Policy violation: Companies write policies so that all employees know what is expected of them so that risks can be mitigated. During the induction period, the HR team makes the new personnel aware of, and read and sign the company policies. For example, if I am going to use email, there will be an email policy to guide me or if I am a remote user I am expected to use a VPN to gain access to the company when I am a remote user. Company employees should be reminded that failure to comply with ...

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.