Documente Academic
Documente Profesional
Documente Cultură
A BlueCentral Whitepaper | 1
Contents
p3 p4 p5 p6 Introduction Developing information security policies, standards and procedures Meeting international standards Information security health check and report Conclusion p7 About BlueCentral Contact us
A BlueCentral Whitepaper | 2
Introduction
The information security landscape is changing rapidly. Most recent influences have been: the proliferation of storage-rich mobile technology in the form of smartphones and tablet devices the new gen-Y digital native workforce changing the nature and definition of work the freedom of expression available to users of social media the convenience of working outside of the office in hours that suit the individuals role and lifestyle. As a result of these adjustments in the way business is conducted, ownership of information does not carry the same clear accountability it once did. Physical and behavioural boundaries used to exist around information management but these can be missing in the modern workplace. Clearly thought-out information security policies, standards and procedures addressing internationally supported standards, will go a long way to addressing the risk exposure these changes have created. An organisation operating without information security policies, standards and procedures is akin to a ship operating without a rudder. A business operating with considered information security policies, standards and procedures can demonstrate to management, stakeholders and employees the critical importance of information security to the long-term success of an organisation. It is also vital that these policies and procedures are backed by the executive layer. Without C-level buy in, it will be difficult to create a culture of respect for security in the organisations daily operations. Additionally, security guidance should be factored into longer term business strategies around issues including flexible working, BYOD and acceptable usage policies for social networking. BlueCentral has teamed with Kevin Fitzgerald, a 30 year veteran on Information Security, to co-author a three-part series on risk management. As a hosting provider, it is critical for us to ensure that the hosting systems and solutions of both BlueCentral and that of our customers meet the wide range of criteria required by Australian Standards. These include areas such as compliance with data privacy standards, the highest information security levels, and the reassurance for customers that the systems on which their data is hosted are reliable, scalable and robust enough to repel any threat. In this third paper, Policies, Standards and Procedures, we discuss guidelines for effective information security management. To read the previous papers in this series, Risk Management and Business Continuity Management, please click here
A BlueCentral Whitepaper | 3
A BlueCentral Whitepaper | 4
A BlueCentral Whitepaper | 5
Conclusion
In summary, information security policies and standards are not to be taken lightly. If your organisation does not comply with ISO 27001 standards it faces the risk of security breaches or data leakage which could result in a loss of clients and contracts; and even damage your business reputation. Those however, who do understand the importance of information security standards and procedures create and implement an information security-conscious culture that has the capacity to improve every aspect of their business activities.
A BlueCentral Whitepaper | 6
This whitepaper brief is a consolidated paper drawing from an extensive project workbook on information security policies, standards and procedures. If you would like to receive the full workbook please visit www.fitzgeraldinfosecmentoring.com, email Kevin Fitzgerald at kevin@fitzgeraldinfosec.com.au.
About BlueCentral
BlueCentral is an Australian hosting company offering managed infrastructure and business-grade hosting services to private and public sectors. It guarantees high-availability of clients services through active management of critical online infrastructure including networking, server, data storage and security technologies. The company has been delivering IT managed hosting services for 15 years and has over 150 clients across Australia and New Zealand. BlueCentral is an IPMG business, an integrated group of marketing services business with over 20 companies across print, digital and communications. For more information, visit BlueCentrals website at www.bluecentral.com.
Contact us
Phone: 1300 258 323 Email: sales@bluecentral.com www.bluecentral.com
managed hosting
virtual hosting
data storage
disaster recovery
A BlueCentral Whitepaper | 7