Types of Monitoring to Ensure Security Practices Are Followed

Most companies face the challenge of employees not using the Internet appropriately. It’s easy for an employee to update a personal blog, send out Twitter messages, or update Facebook during the day. Employees will invariably bend the rules unless they understand there is a credible possibility of being caught. Just as policies without enforcement are like speed limits without tickets, operational monitoring and reporting serves the key purpose of maintaining functional policies and identifying areas where the policy may need adjustment.

In addition to supporting internal policies, operational monitoring plays a key role in ensuring your company adheres to federal, industry, and agency regulatory compliance requirements. In the U.S., regulatory agencies including the Federal Trade Commission Safeguards Rules, the Gramm-Leach-Bliley Act (GLBA), and the Health Information Portability and Accountability Act (HIPAA) require companies in related industries to implement information security processes and systems. HIPAA requires healthcare organizations to ensure patient information remains confidential. In the financial sector and for financial reporting in general, GLBA and the National Association of Securities Dealers (NASD) require that written and electronic correspondence ....