fbpx Skip to main content

Breaking Down Security into Manageable Parts: People, Policy, and Perimeter

By March 5, 2018September 29th, 2020Security
Breaking down cybersecurity into manageable parts

Security isn’t simple anymore. Arguably, it was never simple to begin with, but there’s no denying that keeping your technology environment secure and your sensitive data safe is much more complex now than ever before.

If you’re trying to get your bearings with security issues, you may be overwhelmed. There are so many things to evaluate and determine if they’re right for your organization. You can’t just deal with each of the multiple aspects of security once and then never return to them, because a strong defense is a constant, ongoing undertaking.

At OXEN, we’re passionate about security awareness. In our mission to improve organizations’ security, we break it down into three key areas that make the problem more approachable. What are these three key aspects of security? People, Policy, and Perimeter.

You’re probably familiar with the Perimeter aspect because traditional security measures focus on it. Firewall, anti-virus, network monitoring, and data backups are all solutions aimed at protecting your network’s perimeter.

But what many organizations have learned is that perimeter security measures are not enough. They’re easy to poke holes in if you aren’t addressing People and Policy as well.

For example, an unsuspecting employee can let a malicious virus into your network simply by opening an email attachment or visiting an unsafe website. Firewalls and anti-spam email solutions are not 100% perfect all the time. If a single malicious email gets past your perimeter defense, only your well-trained people and your policies stand in the way.

The People aspect of security focuses on using your staff as a “human firewall”. Educate and train them to recognize threats and deal with them appropriately and promptly. This aspect encourages you to look at your organization’s culture and see if it encourages security awareness. Do people know what to do when faced with a possible cyber attack? Are they rewarded for doing the right thing?

The other aspect is Policy. Security-related policies are written documents such as an acceptable use policy for how employees can use the organization’s network and devices. They’re also processes that define and enforce steps that keep your security tight. For example, your process for handling the resignation or firing of an employee should include well-defined steps for shutting down their access to the company network and any logins for company-held accounts. These sort of policies and processes are usually not thought of until something goes wrong – then you wish you’d had them all along.

People, Policy, and Perimeter are complementary areas of security that together create a strong defense for your organization. If you’re not sure where to go next, assess how much of your existing defense falls into one or more of these areas. Are most of your security measures only addressing your perimeter? Then maybe it’s time to shore up your People and Policy areas.

It’s 2018 and you can’t just choose one area to focus on though. All of them are critical. Security is challenging. Don’t let lack of expertise, training, resources, or time prevent you from implementing the solutions that you really need though. We’re here so you don’t have to figure it out alone.

You can head to our Security Services page for resources, tools, and a complementary consultation to get you started.

  • Ready to jump into the People area? Check out our free IT Security Awareness Training for your staff.
  • Curious about building better Policies? Our Breach Prevention Services provide a Security Portal with multiple features, including sample security policies to get you started.
  • Still concerned about your Perimeter defense? We can provide performance and vulnerability assessments that can help you analyze your network and which vulnerabilities to address next. Contact us today to learn more!

Recent Posts / View All Posts

Disaster Recovery

Importance of a Reliable Disaster Recovery Plan for Your Business

| Email, Managed Services, Security | No Comments
Running a business is not always a smooth-sailing operation. There are often things that could go wrong regardless of how cautious you are or how hard you abide by the so-called rules. Because of this, you should have a good backup and disaster recovery plan in case a disaster happens, like an accident or a cyberattack. There are plenty of BDR solutions for different businesses. You must find the one that fits your needs and will protect your network and data in the best way possible. Understanding Backup Disaster Recovery All businesses deal with important information, like details about transactions,…
Social Media Phishing

Quiz Time: Can You Handle Social Media Phishing Attacks at work?

| Managed Services, Security | No Comments
Our last three blogs have discussed cybersecurity threats and how they affect a business. We have talked about the dangers that stem from various types of malware. We have warned you about the newest cybersecurity risks expected to wreak havoc on businesses soon. And in the face of the ongoing growing acceptance of remote work setups, we have delved into the threats related to working from home. Now, we will now talk about social media phishing. The common thing in all these topics is that they are all linked to phishing. A strong phishing attack can make a network open…
Risks of Working from Home

Addressing the Cybersecurity Risks of Working from Home

| Business Productivity, Managed Services, Security, Tech Tip | No Comments
A remote workforce has become the norm since the pandemic. Even now that we consider it safe to return to office work, many businesses have maintained the remote work setup because of the advantages. However, the risks of working from home also bring issues that need attention so as not to risk the company’s network and data. What Are the Cybersecurity Risks That Come with Working from Home? There are risks when working from home. Workers lack the usual protective measures used in an office network. Many workers use their home networks and may also use the same device for…