September 12, 2013
MAN 3021 – Human Recourses Management
In the past couple of years, companies have been more attentive to the importance of information security. Protecting and enhancing the value their company’s information and IT systems have become a vital strategic objective in most businesses, following only to making profits. Information security is not just a simple matter of having usernames and passwords. Regulations such as Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley (GLB), Basel II, Sarbanes Oxley Act (SOX), Federal Information Security Management Act (FISMA), and various privacy/data protection laws execute a great range of obligations on businesses. Therefore, companies have to not only protect themselves from Cyber-attacks but also from employees. Here are some recommendations to better help businesses to detect any suspicious behavior as earlier as possible and also to better protect their data.
Something to Think About
In 2008, a survey was conducted with individuals who either voluntary or involuntary left their job. You’ll be surprise to see how many employees leave and still are able to access the company’s data months after they were long gone. 59% of those surveyors said of keeping or taking company’s information with them and 24% admitted that they could still access the company’s network for a while after they were long gone.
The best way for organizations to protect themselves from data thefts is to adapt certain best policies. Here are some suggestions as stated by Don Harris, president of HR Privacy Solutions in Delhi, N.Y.:
* Recognize the seriousness of the threat.
* Devote additional security resources to meeting the increased threat.
* Identify, prioritize and protect the information assets of greatest importance.
* Tighten or restrict access to such assets before layoff decisions.
* Remove access to systems and files as soon as workers are told...