Call or Text (845) 265-2220 ☰ ˟
Manage Policy File a Claim
Logo
Call or Text
(845) 265-2220
  • Home
  • Get A Quote
    • AutomobileImage of right arrow
      • Auto Insurance Quote
      • Auto Quote Form (short)
    • Bonds
    • Business & CommercialImage of right arrow
      • Commercial Auto Insurance Quote
      • General Liability Quote Form
      • Business Owners (BOP) Quote Form
      • Builders Risk
      • Liquor Liability Quote Form
      • Workers Compensation Quote
      • Community Association Quote Form
      • Community Association Workers Compensation Quote Form
    • Farm
    • Flood
    • Health
    • HomeownersImage of right arrow
      • Homeowners Insurance Quote
      • Manufactured Home Quote
      • Homeowner Flood Quote Form
      • Community Association Unit Owners (HO-6) Quote Form
    • LifeImage of right arrow
      • Life Insurance Quote
      • Term Life Insurance Quote
    • LimousineImage of right arrow
      • Limousine Quote
      • Bond Request Form (TLC)
      • Workers Compensation Quote Form (Livery)
      • General Liability Quote Form (Livery)
    • Motorcycle
    • Recreational Vehicle
    • Renters
    • Trucking
    • Watercraft & Boat
  • Customer Service
    • AutomobileImage of right arrow
      • Request ID Card for Auto Policy
      • Request Declaration and Coverages Page for Auto Policy
      • Send Declaration and Coverages Information to Lien Holder
      • Add Vehicle to Existing Auto Policy
      • Remove Vehicle from Existing Auto Policy
      • Add Driver to Existing Auto Policy
      • Remove Driver from Existing Auto Policy
    • Business & CommercialImage of right arrow
      • Request ID Card for Commercial Auto Policy
      • Request Declaration and Coverages Page for Commercial Auto Policy
      • Add Vehicle to Existing Commercial Auto Policy
      • Remove Vehicle from Existing Commercial Auto Policy
      • Add Driver to Existing Commercial Auto Policy
      • Remove Driver from Existing Commercial Auto Policy
      • Request General Liability Certificate of Insurance
      • A Community Association Certificate Request Form
      • Request a General Liability Certificate of Insurance with Additional Insured
    • HomeownersImage of right arrow
      • Request Declaration and Coverages for Existing Homeowners Insurance Coverage
      • Request Evidence of Insurance
    • MotorcycleImage of right arrow
      • Request ID Card for Motorcycle Policy
      • Add Motorcycle to Existing Policy
      • Remove Motorcycle from Existing Policy
    • OtherImage of right arrow
      • Policy Review Request
      • Consent to Receive Electronic Records
    • Watercraft & BoatImage of right arrow
      • Request ID Card for Watercraft Policy
      • Add Watercraft to Existing Policy
      • Remove Watercraft from Existing Policy
  • Claims
    • Automobile
    • Business & Commercial
    • Flood
    • Homeowners
    • Motorcycle
    • Renters
    • Watercraft & Boat
  • Blog
  • Make a Payment
  • Resources
    • Secure File Area
    • Refer a Friend
    • Important Links
    • Calculators
    • Important Files
    • Free Reports
    • Insurance Glossary
    • Frequently Asked Questions
    • News Center
  • About Us
    • About Gerelli Insurance Agency, Inc.
    • Location Map
    • Employee Directory
    • Customer Testimonials
    • Privacy Policy
  • Contact
    • Contact Us
    • Join Our Newsletter
Icon Icon Icon Icon Icon Icon
Home > Blog > 9 Key Elements of a Data Security Policy
TUESDAY, FEBRUARY 25, 2020

9 Key Elements of a Data Security Policy

essential elements of a data security policy

9 Key Elements of a Data Security Policy

     
By Travelers Risk Control
 

While the conversation around the water cooler may be about the latest cyber breach, protecting your data against cyber attacks requires much more than words. Walk the talk to help protect your data with a documented data security policy.

Every employee needs to understand his or her obligation to protect company data. Employees also need clear expectations about behavior when it comes to their interaction with data. For that to happen, your data security policy needs to be published, understandable and enforceable. It should outline practices that help safeguard employee, customer, company and third-party business data and sensitive information.

As with many complex programs that deal with sophisticated products or topics, there are usually essential elements that form the foundation of a plan.

Essential Elements of a Data Security Policy

  1. Safeguard Data Privacy: Employees must understand that your privacy policy is a pledge to your customers that you will protect their information. Data should only be used in ways that will keep customer identity and the confidentiality of information secure. Of course, your employees and organizations must conform to all applicable laws and regulations.
  2. Establish Password Management: A password policy should be established for all employees or temporary workers who will access corporate resources. In general, password complexity should be established according to the job functions and data security requirements. Passwords should never be shared.
  3. Govern Internet Usage: Most people use the internet without a thought to the harm that can ensue. Employee misuse of the internet can place your company in an awkward, or even illegal, position. Establishing limits on employee internet usage in the workplace may help avoid these situations. Every organization should decide how employees can and should access the web. You want employees to be productive, and this may be the main concern for limiting internet usage, but security concerns should also dictate how internet guidelines are formulated.
  4. Manage Email Usage: Many data breaches are a result of employee misuse of email that can result in the loss or theft of data and the accidental downloading of viruses or other malware. Clear standards should be established regarding use of emails, message content, encryption and file retention.
  5. Govern and Manage Company-Owned Mobile Devices: When organizations provide mobile devices for their employees to use, a formal process should be implemented to help ensure that mobile devices are secure and used appropriately. Requiring employees to be responsible for protecting their devices from theft and requiring password protection in accordance with your password policy should be minimum requirements.
  6. Establish an Approval Process for Employee-Owned Mobile Devices: With the increased capabilities of consumer devices, such as smart phones and tablets, it has become easy to interconnect these devices to company applications and infrastructure. Use of these devices to interconnect to company email, calendaring and other services can blur the lines between company controls and consumer controls. Employees who request and are approved to have access to company information via their personal devices should understand and accept the limitations and controls imposed by the company.
  7. Govern Social Media: All users of social media need to be aware of the risks associated with social media networking. A strong social media policy is crucial for any business that seeks to use social networking to promote its activities and communicate with its customers. Active governance can help ensure employees speak within the parameters set by their company and follow data privacy best practices.
  8. Oversee Software Copyright and Licensing: There are many good reasons for employees to comply with software copyright and licensing agreements. Organizations are obliged to adhere to the terms of software usage agreements and employees should be made aware of any usage restrictions. Also, employees should not download and use software that has not been reviewed and approved by the company.
  9. Report Security Incidents: A procedure should be in place for employees or contractors to report malicious malware in the event it is inadvertently imported. All employees should know how to report incidents of malware and what steps to take to help mitigate damage.
Posted 11:37 AM

Share |


No Comments


Post a Comment
Required
Required (Not Displayed)
Required


All comments are moderated and stripped of HTML.

NOTICE: This blog and website are made available by the publisher for educational and informational purposes only. It is not be used as a substitute for competent insurance, legal, or tax advice from a licensed professional in your state. By using this blog site you understand that there is no broker client relationship between you and the blog and website publisher.
Blog Archive
  • 2023
  • 2022
  • 2021
  • 2020
  • 2019
  • 2018
  • 2017
  • 2016
  • 2015
  • 2014
  • 2013
  • 2012

  • directors and officers liability(1)

View Mobile Version
Facebook
LinkedIn
Twitter
Google+
Get Directions
Contact Us Today
Resources
Products
Customer Service
Payment Options
Report a Claim
News
About Us
Refer A Friend
Our Carriers
Blog
Contact Us
Contact us PO Box 362
Cold Spring, NY 10516

Ph: (845) 265-2220
Fx: (845) 265-4754
E: plservice@Gerelli-Insurance.com
© Copyright. All rights reserved. Powered by Insurance Website Builder.