A Manager's Guide to Safeguarding Sensitive Information Properly

A Manager’s Guide to Safeguarding Sensitive Information Properly is a quick reference guide on the 12 SSIP Rules managers should be aware of in respect to safeguarding sensitive information properly at their company. This guide is a companion to “An Employee’s Guide to Safeguarding Sensitive Information Properly.” A Manager’s Guide to Safeguarding Sensitive Information Properly could very well save any company from significant financial risk and adverse publicity to their brand.

A Manager’s Guide to Safeguarding Sensitive Information Properly is a quick reference guide on the 12 SSIP Rules managers should be aware of in respect to safeguarding sensitive information properly at their company. This guide is a companion to “An Employee’s Guide to Safeguarding Sensitive Information Properly.” Sean Lowther who designed and implemented the information security awareness program at Bank of America from 1999 to 2006 is the author of this guide. Every manager who works for a company should have a copy of this “Guide.” The guide includes the following SSIP (safeguarding sensitive information properly) Rules: SSIP Rule 1: Are you hiring the right people? SSIP Rule 2.: Your Information Technology Department is not responsible for safeguarding sensitive information properly. SSIP Rule 3: If your department is developing applications, make sure you include your information security people in the process. SSIP Rule 4: People do things for their reasons, not yours! SSIP Rule 5: Do not transmit sensitive information outside of the company without proper protection. SSIP Rule 6: Do not let employees download unlicensed software or unapproved applications. SSIP Rule 7: Don’t play “Big Brother” with your employees. Be an enabler! SSIP Rule 8: The importance of training. SSIP Rule 9: Update an employee’s system access when transferred or delete when terminated. SSIP Rule 10: The risk of social engineering. SSIP Rule 11: The risks of social media. SSIP Rule 12: The risk of insider threats. A Manager’s Guide to Safeguarding Sensitive Information Properly could vary well save any company from significant financial risk and adverse publicity to their brand.

From 1999 to 2006, Sean designed and implemented the information security awareness program at Bank of America. His approach to changing a corporate culture to one that valued safeguarding customer, employee, business and company sensitive information was at that time innovative and questioned by traditional practitioners. Today, his concepts are common practice in many corporations. "A successful information security awareness program is a marketing program that provides the same information seven times, seven different ways over time. That is what reinforces the principles that become part of a company's values," says Sean. Sean's career has taken him around the world. He has worked with some exceptional people, leaders in their field, who have taught him, as he says" "More than one could ever expect, and opened doors that I could have never imagined. To that I remain forever grateful. Sean is a recognized author and a popular speaker in the field of Information Security Awareness and Personal Development.