The unfortunate reality for businesses in our online, connected-around-the-clock, mobile-enabled world is that they can have the most sophisticated high-security locks, video surveillance, alarms, pass cards and any other modern security device, and still be robbed without knowing it, even without anyone breeching any of those security systems.

Cyber security is increasingly important as businesses are required to meet more requirements to protect sensitive corporate and personal information, all while more and more ways of losing that information seem to pop up daily.

The result is, as much as protecting your business with the latest security technology, businesses need to protect themselves from intrusions that happen after people get past the locks and cameras.

To do so, and meet all the compliance requirements for protecting sensitive personal information, businesses must create, enforce and maintain a variety of internal policies.

The policies are designed to govern the use of technology to minimize the loss of sensitive data. Among others, here are a few basic policies your company should have in place.


This policy would outline how employees should use the internet while at work.


Like the internet use policy, but related to company IT and intranets, the access control policy will use devices like passwords to manage which employees have access to which systems and information.


How your employees use social media, both at work and on their personal time, can cause legal problems and damage your corporate reputation.


More than just ‘keep it tidy’, a clean desk policy should outline which documents and media must be put away or secured at the end of the day, or whenever an employee is away form his or her workstation.

Still, no matter how may policies you have in place, and how secure your IT is otherwise, it doesn’t mean you can throw away your locks and keys. Each of them, your security systems your cyber security and your internal policies all play an important role in limiting your company’s security risks.