Security Survival Tips for the Web 2.0 World

1 2 Page 2
Page 2 of 2

HOW TO: Manage your security risk from instant messaging

Most organizations aren’t totally shutting out IM communication in the workplace. Experts offer this advice for weighing the risks and implementing security policies:

  • Examine business uses for the technology and weigh the trade-offs before deciding to impose an IM ban.
  • Consider incorporating IM into the established rules for e-mail usage in the early stages of IM adoption, and follow e-mail best practices.
  • Determine upfront whether industry regulation or internal policies mandate IM archiving, and plan accordingly.
  • Immediately suspend IM messages that run afoul of industry regulations, and notify compliance officers or attorneys.

HOW TO: Get the word out to your staff about information security

All the technology in the world can’t keep your information safe if your workers aren’t clued in to company policies. Here are the top tips for effectively communicating information security to workers:

  • Know your audience, and consider the most effective media for getting a particular message across to different crowds. Baby boomers prefer straightforward communication, such as well-written memos, while Gen Y workers prefer messages that are quick and to the point.
  • Use interactive communication techniques, such as video games and comical multiple-choice quizzes. These can be engaging and let managers assess the effectiveness of communications.
  • Avoid top-down edicts on corporate security policies, which don’t resonate well with younger workers. Annual broadcasts aren’t frequent enough and are quickly forgotten.
  • Try to make newsletters or e-mails colorful. For instance, a set of “Did You Know?” bullet points can be both entertaining and educational.
  • In face-to-face meetings with workers, explain not only what is being done (for example, desktop encryption) but why it’s being done. Be sure to allow employees to ask questions and offer feedback. It not only helps them feel like their opinions matter, but managers can also draw from their ideas to improve policies and operations.
  • Offer workers security-related information that can be applied outside the workplace, such as the technical risks of sharing iPod songs on a peer-to-peer level; employees are more likely to pay attention to policies that also apply in their personal lives.
  • Have a communications specialist or business executive discuss the importance of information security. This can help convince employees that the topic is a business issue — and not something they normally equate solely with IT.

Find out more about Web 2.0 Security:

Copyright © 2007 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon