Making a Plan
As Paul Simon says in his classic song “50 Ways to Leave Your Lover, ” it's time to “Make a new plan, Stan. ” Only in this case, it's time to find 50 ways to leave your computer protected!
Where do you start? Whether you rework an old plan or build one from scratch, the six major components to an effective security plan are
- Policies and procedures
- Inventory and skills assessments
- Risk analysis
- Existing security measures
- Action plan
- Resources and follow-up
In the following section, we guide you through the details to include within each of these components for your plan.
Policies and procedures
If you're part of a larger online business, you might already have a book of policies and procedures carefully spelled out, tightly bound, and neatly filed away in every employee's desk. The reality for a smaller online company, though, is that you probably haven't had time to think about formal procedures. If you're working solo, you might still be skeptical about needing to write these types of policies.
As an online business owner, the purpose of your security plan is to protect both you and your customers. By establishing and implementing written security policies, you reduce the risk of overlooking holes or flaws within the plan.
Honestly, the amount of information that has been published about how to write a security policy could fill a small room. No wonder the task ...