Breaking Down Security into Manageable Parts: People, Policy, and Perimeter

By March 5, 2018Security
Breaking down cybersecurity into manageable parts

Security isn’t simple anymore. Arguably, it was never simple to begin with, but there’s no denying that keeping your technology environment secure and your sensitive data safe is much more complex now than ever before.

If you’re trying to get your bearings with security issues, you may be overwhelmed. There are so many things to evaluate and determine if they’re right for your organization. You can’t just deal with each of the multiple aspects of security once and then never return to them, because a strong defense is a constant, ongoing undertaking.

At OXEN, we’re passionate about security awareness. In our mission to improve organizations’ security, we break it down into three key areas that make the problem more approachable. What are these three key aspects of security? People, Policy, and Perimeter.

You’re probably familiar with the Perimeter aspect because traditional security measures focus on it. Firewall, anti-virus, network monitoring, and data backups are all solutions aimed at protecting your network’s perimeter.

But what many organizations have learned is that perimeter security measures are not enough. They’re easy to poke holes in if you aren’t addressing People and Policy as well.

For example, an unsuspecting employee can let a malicious virus into your network simply by opening an email attachment or visiting an unsafe website. Firewalls and anti-spam email solutions are not 100% perfect all the time. If a single malicious email gets past your perimeter defense, only your well-trained people and your policies stand in the way.

The People aspect of security focuses on using your staff as a “human firewall”. Educate and train them to recognize threats and deal with them appropriately and promptly. This aspect encourages you to look at your organization’s culture and see if it encourages security awareness. Do people know what to do when faced with a possible cyber attack? Are they rewarded for doing the right thing?

The other aspect is Policy. Security-related policies are written documents such as an acceptable use policy for how employees can use the organization’s network and devices. They’re also processes that define and enforce steps that keep your security tight. For example, your process for handling the resignation or firing of an employee should include well-defined steps for shutting down their access to the company network and any logins for company-held accounts. These sort of policies and processes are usually not thought of until something goes wrong – then you wish you’d had them all along.

People, Policy, and Perimeter are complementary areas of security that together create a strong defense for your organization. If you’re not sure where to go next, assess how much of your existing defense falls into one or more of these areas. Are most of your security measures only addressing your perimeter? Then maybe it’s time to shore up your People and Policy areas.

It’s 2018 and you can’t just choose one area to focus on though. All of them are critical. Security is challenging. Don’t let lack of expertise, training, resources, or time prevent you from implementing the solutions that you really need though. We’re here so you don’t have to figure it out alone.

You can head to security.oxen.tech for resources, tools, and a complementary consultation to get you started.

  • Ready to jump into the People area? Check out our free IT Security Awareness Training for your staff.
  • Curious about building better Policies? Our Breach Prevention Services provide a Security Portal with multiple features, including sample security policies to get you started.
  • Still concerned about your Perimeter defense? We also offer a free Network Risk & Security Assessment that can help you assess your network and which vulnerabilities to address next.

Recent Posts / View All Posts

Security education online classroom

Security Education: Empowering the first layer of security defense, one employee at a time

| Security | No Comments
Are you ready to take a proactive approach to security for your organization? You can improve your “human firewall” with security education, dark web assessment, phishing tests, and more for...
WorryFree IT for Smooth Trucking

Smooth Sailing with WorryFree IT for Smooth Trucking

| Testimonials | No Comments
In late 2017, we met with Smooth Trucking in Logan, IA, and began working with them to address their technology pain points. Their workflow wasn’t working, computer issues were beyond...
A floating image between two paragraphs that is anchored to a blank paragraph

Fighting images in Microsoft Word

| Tech Tip | No Comments
Remember this? You're working on a Word document – maybe it's a report for your sales meeting, a set of instructions for a client, or a promotional flyer – and...