The Importance of Encryption Policies and Conducting Policy Audits
Who doesn’t like a good technology policy? They’re easy to read, enjoyable and exciting with a cliff hanger ending that culminates with disciplinary action possibilities. Give me more of that. But, for those that do follow the rules and understand that polices aren’t meant to stifle productivity acknowledge that they are a valuable tool. If correctly developed and applied, they will bring consistency into your business environment, accountability and auditability.
Let’s examine a simple encryption policy. Most technologists know about encryption and they know how to deploy it. Whether we are connecting two offices or more, encrypting data when the data itself requires the cover of encryption for access or when using encryption for wireless access are three examples where encryption might be used. If left to the arbitrary technician who may or may not understand the importance of the right encryption scheme, the deployment may not be adequate or strong enough to secure and protect your business’ intellectual property.
If you are unsure and worried about the safety of your intellectual property, we can review your Encryption Policy and determine exactly what key strength is needed for what service without guessing.
Lastly, don’t forget to perform periodic policy audits. Your policies must be routinely validated so that when the real audit takes place, you and your technology team come out squeaky clean.