tag:blogger.com,1999:blog-4055310521973798716.post2516659863414471332..comments2007-07-22T20:27:26.707-04:00Neil Johnsonnoreply@blogger.comBlogger1125tag:blogger.com,1999:blog-4055310521973798716.post-20574163778335212782007-07-22T20:27:00.000-04:002007-07-22T20:27:00.000-04:00At the corporate level, these cannot be overstated:<BR/><BR/>- A corporate security policy stating clearly what are the standards and accepted procedures for use of computing resources and remote access procedures. For instance, when connecting to a public open network, SSL must be used when entering passwords on a website. (Quick hint: Did you know that when you log into your GMail using the page https://gmail.google.com instead of http://www.gmail.com, the entire session is encrypted--not just the login page. That's a great safety measure when reading your email on an open wireless network in a public place.<BR/><BR/>- Security Awareness Training for employees. This is a training that tells users <B>what is network security</B>, what <B>computer security risks</B> exist, how to be surf securely when on an open wireless network, and general security education. It can be conducted by a knowledgeable IT person or by an outside professional. This also reviews the corporate security policy stated above, to make sure end users fully understand it.Keith Salustrohttp://www.blogger.com/profile/06541345012929727968noreply@blogger.com