The final consideration for the storage policy is that it must be communicated to the user group. There’s no point in having a carefully drafted plan of action if no one knows about it. Education is essential, and is the responsibility of not just the IT or risk management team, but also business managers and HR. But with everyone involved, and an effective programme of communication in place an appropriate policy for secure storage will ensure that investments made in data encryption and the like will be maximised, and that an organisation need not fear a visit from the regulators.
Electronic data is now essential for modern business and information management, and security, policies form the instruction set by which it will be used. This in turn forms one of the key foundations for best practice business operations.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.