What should be included in a written security policy?

Depending on the industry that you are in, and the data security and compliance regulations that may apply to you, a security policy can be quite involved.

At a minimum, every business should have a written security policy to demonstrate that the company takes data privacy and security seriously and has systems in place to protect it.

Without having a policy in place, that all employees have seen and agree to abide by, it may be problematic should a problem develop in the future.

A basic security policy should include:

      • Password policy
      • Acceptable use policy for email, internet browsing, social media, etc.
      • Access and control of proprietary data and client data
      • Access to company data from remote locations, or on non-corporate devices
      • Physical security protocols for doors, dealing with visitors, etc.
      • Understanding of data classification, what is critical and private data?
      • How to deal with and report lost or stolen devices
      • How to handle and report a suspected security breach or data loss
      • Requirements and expectations for Security Awareness Training
      • Use of third party cloud or file sync services such as Gmail, Dropbox etc.
      • Requirements for encryption and computer locking procedures

There are very specific requirements that your business may need to adhere to, and there are tools and templates available to help get started. If you would like to see some sample policies, and talk about how we may be able to help you put a plan in place, give us a call today!

At White Mountain, we make changing IT vendors EASY!whitemtn contactus sm

Thanks for visiting, we look forward to hearing from you.

CO signature

Featured Posts and Services

With the surge in the number of small and medium businesses that have fallen prey to malware and cyber criminals, there is a lot of focus of what an organization can do to prevent being a victim and how the company should handle themselves after an attack. There is another key factor to preventing cyber criminals from penetrating into your network:...

- Onsite Service Coverage Area -

Onsite Computer Support Services are available to businesses within 100 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH and then down into Boston. From Northern and Central Mass we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.



White Mountain IT Services
33 Main Street Suite 302
Nashua, New Hampshire 03064


 padlock1  Cyber Security Toolkit

cloud desktop2 Cloud Desktop Login

Open Positions