
Policy and Plan Development
Establish a secure foundation by formalizing and implementing policies and procedures designed around cybersecurity best practices. Whether drafting policies from scratch or reviewing existing policies for gaps, the TCDI team takes a holistic approach to policy development by applying its unique blend of technical, legal and regulatory expertise.
There are several information security policies that are important to have in place, including:
- Incident Response
- Disaster Recovery / Business Continuity
- Technology Acceptable Use
- Remote Access
- Backups
- Data Encryption
- Risk Management
- Physical Security
- Password Best Practices
- Privacy
- Change Control
- Wireless Access
The value of a security policy lies in how well employees and others adhere to it. For example, if a policy requires laptops to use encryption but only 50% of the laptops are actually encrypted then there is a policy implementation and adherence problem. Accordingly, our job is not done once policies are put into written form. Rather, we work directly with organizations to help them develop a plan for effectively communicating their security policies, implementing any changes, and monitoring policy adherence. Our goal is to ensure information security policies are put into practice and seamlessly integrated into daily business activities.