fbpx Skip to main content

Breaking Down Security into Manageable Parts: People, Policy, and Perimeter

By March 5, 2018September 29th, 2020Security
Breaking down cybersecurity into manageable parts

Security isn’t simple anymore. Arguably, it was never simple to begin with, but there’s no denying that keeping your technology environment secure and your sensitive data safe is much more complex now than ever before.

If you’re trying to get your bearings with security issues, you may be overwhelmed. There are so many things to evaluate and determine if they’re right for your organization. You can’t just deal with each of the multiple aspects of security once and then never return to them, because a strong defense is a constant, ongoing undertaking.

At OXEN, we’re passionate about security awareness. In our mission to improve organizations’ security, we break it down into three key areas that make the problem more approachable. What are these three key aspects of security? People, Policy, and Perimeter.

You’re probably familiar with the Perimeter aspect because traditional security measures focus on it. Firewall, anti-virus, network monitoring, and data backups are all solutions aimed at protecting your network’s perimeter.

But what many organizations have learned is that perimeter security measures are not enough. They’re easy to poke holes in if you aren’t addressing People and Policy as well.

For example, an unsuspecting employee can let a malicious virus into your network simply by opening an email attachment or visiting an unsafe website. Firewalls and anti-spam email solutions are not 100% perfect all the time. If a single malicious email gets past your perimeter defense, only your well-trained people and your policies stand in the way.

The People aspect of security focuses on using your staff as a “human firewall”. Educate and train them to recognize threats and deal with them appropriately and promptly. This aspect encourages you to look at your organization’s culture and see if it encourages security awareness. Do people know what to do when faced with a possible cyber attack? Are they rewarded for doing the right thing?

The other aspect is Policy. Security-related policies are written documents such as an acceptable use policy for how employees can use the organization’s network and devices. They’re also processes that define and enforce steps that keep your security tight. For example, your process for handling the resignation or firing of an employee should include well-defined steps for shutting down their access to the company network and any logins for company-held accounts. These sort of policies and processes are usually not thought of until something goes wrong – then you wish you’d had them all along.

People, Policy, and Perimeter are complementary areas of security that together create a strong defense for your organization. If you’re not sure where to go next, assess how much of your existing defense falls into one or more of these areas. Are most of your security measures only addressing your perimeter? Then maybe it’s time to shore up your People and Policy areas.

It’s 2018 and you can’t just choose one area to focus on though. All of them are critical. Security is challenging. Don’t let lack of expertise, training, resources, or time prevent you from implementing the solutions that you really need though. We’re here so you don’t have to figure it out alone.

You can head to our Security Services page for resources, tools, and a complementary consultation to get you started.

  • Ready to jump into the People area? Check out our free IT Security Awareness Training for your staff.
  • Curious about building better Policies? Our Breach Prevention Services provide a Security Portal with multiple features, including sample security policies to get you started.
  • Still concerned about your Perimeter defense? We can provide performance and vulnerability assessments that can help you analyze your network and which vulnerabilities to address next. Contact us today to learn more!

Recent Posts / View All Posts

5 Reasons Why Companies Fire IT Guys

| Business Productivity, Managed Services, Tech Tip, Testimonials | No Comments
The IT industry is brimming with so many IT guys and experts with various specialties these days. You would think it's an easy task hiring one for your company. Finding an IT guy is not the problem. Finding a competent, reliable, and affordable IT professional can be challenging for many businesses. When you think you have found the right person, issues start to come up, and you have no choice but to fire them and start the search again. There are several possible reasons why companies end up firing their IT guys. Here are the Top Five issues most commonly…

Your IT Guy vs. a Managed Service Provider

| Business Productivity, Managed Services | No Comments
There is no question that reliable IT support is a necessity for all of us, including small businesses. The reason is that most transactions and business functions are completed online. Business owners need to decide on the type of IT support they need. Whether that be an internal IT department or a Managed Service Provider. Let’s take a look at some typical IT scenarios. Internal IT Support This protection means keeping an in-house IT person on your regular payroll. It’s straightforward, but this is a practice that is not frequently considered unless your business uses a lot of technology. For…

The Top 5 Red Flags in the IT Industry

| Managed Services | No Comments
All businesses today rely heavily on IT support. Some have their own in-house IT experts, while many others choose to hire managed service providers, or MSPs, to perform specific IT functions for their company. These services are needed to oversee the office hardware and software and stay ahead of the competition. Like all industries, the IT industry has a few red flags that need to be addressed. With all the available services, you wouldn’t think that it would be that difficult to find reliable IT support for your business. We live in an almost entirely digital world, so tech services…