Its been said that you are only as strong as your weakest link, and so it goes with your network security. You may have the latest and greatest equipment and software guarding the gateway to your network, but all that means nothing if you don’t have an IT security policy in place that is being enforced.
A security policy includes details such as which websites are approved, and which should be blocked, as well as what kind of content or programs employees are allowed to download. Do they really need to download and install the latest version of Texas hold’em? Other points include the frequency of changing passwords and ensuring passwords are not written down or stored in obvious locations.
One quid pro quo to an IT security policy: it needs to be enforced. There is growing recognition among employers that, however much time and money they spend on ramping up their IT security, it counts for very little if they fail to change the practices and mindset of their workforce. Have employees sign an agreement so they are held accountable for their actions. In extreme cases, larger companies have even charged for damages done to business PC’s due to employee misuse or have adopted the policy of employees supplying their own personal computers. Employees may think twice if they’ve got skin in the game.
The moral of that story is clear: No matter how secure your network may be, it's only as secure as its weakest link. And people--meaning you and your employees--are often the weakest link. So get on the phone with your trusted IT advisor and start creating your detailed security plan today. You'll sleep better tonight.