Business Security Awareness

MediaPro Value Proposition

MediaPro raises the level of risk awareness for your organizational Security & Compliance Program. Increased awareness is provided for:

· Data – Security of handling and storing sensitive data

· Access – Policies, procedures and processes for access by device type

· Device – Best practices for secure device management

· Applications – Authorized downloads to mobile devices

· Social Media – Security awareness issues

MediaPro enables all personnel to become familiar with security policies and procedures on a continuous basis. A comprehensive awareness program should include annual/semi-annual security training on-demand, testing and attestation components, self-assessment surveys and a records management function that documents employee awareness. Better yet, supplement formal classroom training and awareness briefings with a library of course materials on security best practices available to employees 24/7.

Human Resources and Security Officers
MediaPro supports Human Resource personnel to follow well-defined in-processing and out-processing procedures:

· Require all personnel to sign a document stating they have read and understand the information security policies.

· Ensure third party contractors and service providers comply with your security requirements (e.g. employment and background checks of new personnel).

· Raise awareness on employees who had been identified as troubled or disgruntled

Risk is the combination of threat, vulnerability and mission impact.

Can insider breaches be stopped?

Insiders can be stopped, but stopping them is a complex problem and requires a comprehensive approach. Insider attacks can only be prevented through a layered defense strategy consisting of policies, procedures and technical controls.

MediaPro supports management to pay close attention to many aspects of the organization including business policies and procedures, organizational culture and the technical environment. Today, companies must look beyond information technology alone for security. A programmatic approach needs to be developed that addressed the organization’s overall business processes and the interplay between those processes and the technologies.

MediaPro provides organizational awareness to mitigate risk

This includes risk associated with internal users and external users for example: members of the supply chain requiring connectivity to the corporation's application portfolio,(e.g., Remote connectivity through remote mobile devices with critical corporate data resident on those devices, etc.) This awareness is critical to effectively support all of the elements of your Governance Regulation & Compliance program.

· MediaPro executes the awareness of the Policies, Procedures, & Processes

· MediaPro tracks that you understand them and you attest to following them in your daily corporate operations

· MediaPro records and documents your organization's awareness

Human Resources
Human resources personnel should follow well-defined in-processing and out-processing procedures:

· Require all personnel to sign a document stating they have read and understand the information security policies.

· Ensure third party contractors and service providers comply with your security requirements (e.g. employment and background checks of new personnel).

· Many crimes committed by insiders were suspected by employees who had been identified as troubled or disgruntled

Security Awareness Program
All personnel must become familiar with security policies and procedures. Establish a comprehensive awareness program to include annual security training with a testing component, e-mail tips, posters, a letter of support from senior management, self-assessment surveys, awareness luncheons, and a security web site. Better yet, supplement training with awareness briefings. Briefings give personnel the opportunity to ask questions and put the information security team in the position of advocating security initiatives.