Making the delivery, development and maintenance of IT Policies easy

In the ever-changing world of IT security, threats are increasingly sophisticated and response time is critical. Robust IT policies are key to protecting information from disclosure, unauthorised access, loss, corruption and interference.  At Kaon Security, we offer a fast-track process and solution for you to fully scope and implement your cyber security policies, setting up a new policy framework in weeks rather than months.

Policy Management as a Services (PMaaS) provides easy-to-read policy content which is suitable for all users, managers and technical staff. All of our content is written in plain English with every ‘statement’, having a corresponding ‘explanation’ box. We customise policy messaging to match our clients’ business and organisational requirements, and if necessary, we can rewrite historic documents in plain English.

Policies comply with modern standards

Well-written policy provides clear statements for managers and employees on how to interact with systems and data. Equally important is the ability to drill down to see where policies map to current standards or best-practice guidance. Our policies allow you to view audit requirements to maintain compliance, and to review all the policy statements that are mapped to a specific standard.

Engage your team in your policies

Engaged users typically support behaviour change to reduce the risk of data loss and breaches. We have developed functionality to monitor user engagement, including an onscreen policy acknowledgement and acceptance option, along with a policy review reminder service. Users can track their acceptance status on their ‘My Policies’ page and a notification service prompts users into action. Should any user become disengaged, you have the ability to easily identify them and address their inactivity and non-compliance.

The more relevant the content, the more likely it is that users will engage with it. Stakeholders in the business play an important part in providing valuable feedback as you draft policies. Appointing key people to input their comments and feedback using the PMaaS Stakeholder function will be a valuable exercise.

Manage engagement for contractors and new starters

PMaaS also has the flexibility to enrol third-party contractors and new starters to ensure they review and accept your IT policies before commencing an engagement or employment with your organisation. Aside from making the acceptance process very efficient, the compliance reporting functions allow you to maintain complete visibility over which individuals have, or have not, completed this step so they can be followed up.

Reviewing content to keep it relevant

It is important that you review your content to make sure it stays relevant as the organisation evolves and compliance requirements change. Through PMaaS you can set up and manage policy review dates, hide policy content that is no longer relevant or needs updating, and make content visible to specific users and their roles as relevant content helps to keep users engaged.

Building security awareness

You can build a strong line of defence by teaching your users to identify signs of an attack and respond accordingly. As part of our service, we teach employees via educational videos the types of attacks they may encounter and how to avoid common traps. We can also customise a ‘top security tips’ page for your team. Our comprehensive glossary of terms, topic index (which enables users to pinpoint specific content) and advanced search function all help your users to quickly and easily find information and answers.