What should be included in a written security policy?

Depending on the industry that you are in, and the data security and compliance regulations that may apply to you, a security policy can be quite involved.

At a minimum, every business should have a written security policy to demonstrate that the company takes data privacy and security seriously and has systems in place to protect it.

Without having a policy in place, that all employees have seen and agree to abide by, it may be problematic should a problem develop in the future.

A basic security policy should include:

      • Password policy
      • Acceptable use policy for email, internet browsing, social media, etc.
      • Access and control of proprietary data and client data
      • Access to company data from remote locations, or on non-corporate devices
      • Physical security protocols for doors, dealing with visitors, etc.
      • Understanding of data classification, what is critical and private data?
      • How to deal with and report lost or stolen devices
      • How to handle and report a suspected security breach or data loss
      • Requirements and expectations for Security Awareness Training
      • Use of third party cloud or file sync services such as Gmail, Dropbox etc.
      • Requirements for encryption and computer locking procedures

There are very specific requirements that your business may need to adhere to, and there are tools and templates available to help get started. If you would like to see some sample policies, and talk about how we may be able to help you put a plan in place, give us a call today!

At White Mountain, we make changing IT vendors EASY!whitemtn contactus sm

Thanks for visiting, we look forward to hearing from you.

CO signature

Featured Posts and Services

Had Enough?If your business seems to be caught in a never ending cycle of computer problems and complaints, perhaps you have been focusing on the symptoms rather than the source of the problem. The underlying cause is most likely a lack of professional IT management. At White Mountain, we take responsibility for the operation, management and support of your IT infrastructure. Don't settle for the IT systems cycle of torture,there is a better way, give White Mountain a call today...

- Onsite Service Coverage Area -

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH and then down into Boston. From Northern and Central Mass we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.



White Mountain IT Services
33 Main Street Suite 302
Nashua, New Hampshire 03064


 padlock1  Cyber Security Toolkit

cloud desktop2 Cloud Desktop Login

Open Positions