Many organisations now rely totally on their digital environment for the day to day processing and the management of their business. The issues of information management, confidentiality, competitive edge and profitability are intrinsically linked, but unfortunately, information in the digital world is not attributed with the same degree of respect with regard to security as the paper document managed to achieve in its heyday.
The first step towards creating a secure digital environment is to define the rules and guidelines for managing, operating and using the organisation's information systems. This first step is critical and involves developing policies and procedures that document the organisation's intentions to diligently manage digital information throughout its life cycle and keep it safe from unauthorised persons.
To be successful, IT security policies must be based on plain old common sense and all staff, contractors and third parties should be required to understand their obligations. Policy Management as a Service from Protocol Policy Systems assists an organisation to develop, deliver and then maintain their own unique and comprehensive suite of IT security policies.
Policy Management as a Service is a cloud based solution that provides a generic set of policies and procedures that can be specifically tailored for any IT environment and any business situation. Text, graphics and wording of the policy statements can be customised to suit the culture of the business.
The policies are displayed in a user friendly format that is easily accessed from a supported modern browser. They are presented by category of user so that general users do not need to read all the technical jargon to find the policies which affect them. Policy Management as a Service takes the hassle out of developing IT policies and delivers a quality solution which continues to evolve.
The service provides for a large range of customisation options; allowing for changes such as adding links to other organisational policies including HR, standards, procedures, guidelines and practices, compliance documents, designs and drawings. The service creates a dynamic tool which can be used by all levels of staff in the organisation. Kaon Security have Consultants trained to deliver the Protocol Policy Management as a Service solution in ANZ.
Organisations exist in an ever changing technological world and to ensure they can continue to operate in this environment and do business they must be aware of security issues and take the appropriate measures that protect key assets, i.e.:
Security attacks are increasing all the time and it is important that systems and information can be protected against these threats. The first step in achieving this is to document the rules around system configuration and system use. By complying with these written guidelines management can be sure they are doing everything they can to protect both systems and people from a security threat.
It is important to remember that the policies protect staff just as much as they do the organisation. Policies are the first very important step in managing IT system security
The service delivers – A comprehensive suite of 25 policies mapped to IS27002. Additional standards mapping options include ISO22313, ISO27017, PCI and SOX.
Supporting information and documentation includes:
Also available are optional template procedures including diagrams on a large range of procedures, a sample list is available on request.
Our delivery process sees a Kaon Security Consultant deliver a 2 day workshop to each customer and their key staff. This workshop is designed to ensure that the policy content is well understood and worded appropriately for each organisation.
Once the Policy Management as a Service solution is deployed Kaon Security ensure that the content and standards are kept up to date.
We also provide a ‘Lite’ version of the system to accounts with less than 250 users that are operating in unregulated sectors but still require good policy content for their general user population.
The ‘Lite’ version is mapped to ISO 27002 and allows you to demonstrate a basic level of compliance with a recognised international standard.
The reduced level of content also shortens the policy workshop duration to a 2-4 hour online webinar.
Click here to read our case studies.
Click here to read testimonials from our customers.