ShopThe US Supreme Court has overturned a lower-court ruling and concluded that management has a right to review employee text messages on company-issued devices. If used as a precedent, this case may have far-reaching consequences for employee expectations of privacy in workplace communications. However, the ruling should also serve as a wake-up call for organizations …
Tag Archive: Policy Enforcement
Jun
11
Effective Security Policy Management – Part 6
Part 6. A Verified Audit Trail Security policy documents will not be effective unless they are read and understood by all members of the target audience intended for each document. For some documents, such as Internet Acceptable Use or Code of Conduct, the target audience is likely the entire organization. Each policy document should have …
Feb
17
Ideas for Security Policy Sanctions
In order for written information security policies to have “teeth”, there must be consequences for employees that do not follow policies, and this fact must be documented as part of the published policy. The “sanctions” portion of most security policies reads something like this: “Failure to comply with this policy will result in disciplinary action, …
Oct
30
Security Policy and Responsibility
Last month we discussed the security policy problems revealed within the department of Veteran’s Affairs (VA) in the wake of the highly public data breach, including the firing of two employees responsible for information security. Over the last month, employees at both AOL and Ohio University were terminated or resigned in the aftermath of data …