Security policies are garbage unless someone actually enforces them. They exist to tick boxes, impress auditors, and give leadership a warm-and-fuzzy about “doing security.” But when nobody lives by them, they’re nothing but paperwork liabilities. Certainly not the safeguards many assume them to be. They're certainly not worth the paper on which they're printed, or the storage space they're occupying on the network. Security policies can be bad for business ...
Continue Reading...