Hi everyone, welcome back. Cyber security is an important area of focus. There is a whole lot of data that is being stored and transmitted digitally. This includes sensitive data that could potentially cause damage to someone or even a whole company. We will go over some common policies and strategies that organizations use. This is a continuation of Cyber Security: Personnel Organizational Security which can be found here. With this introduction out of the way, let’s get into it.
Companies may have several policies in place to protect their network from cyber attacks. In this article, we will focus specifically on personnel policies. A number of vulnerabilities come from social engineering attacks where attackers attempt to learn information. More about social engineering can be found here. This newly learned information could potentially allow an attacker to launch a successful attack. Let’s look into some common policies and strategies.
Having background checks on employees, specifically new hires, involve looking into various sources to confirm the information reflected on their application and resume. Background checks typically involve looking into criminal records, drivers license, education, and previous employment history.
The main purpose of an exit interview is to learn the reason to why an employee has decided to leave their position. In a way, it’s kind of the opposite of a job interview, instead of discovering why they want a job opening, it’s discovering why they want to leave. This can allow a company to understand the reasoning and to improve employee retention.
A job rotation can be used for various reasons including better training, gaining insight on various aspects of the company, or to simply prevent job boredom. However, from the security standpoint, by rotating jobs, it will be harder for an employee to commit fraudulent activities and easier to discover if that is the case.