Preventing Intrusion
Requires a proactive approach that includes routinely testing the security systems
Best rule for high security
- Do not keep extremely sensitive data online
- Store them in computers isolated from the network
Security Policy
- Critical to controlling risk due to access
- Should define clearly
- Important assets to be safeguarded and Controls needed
- What employees should do
- Plan for routinely training employees and testing security controls in place