-
Notifications
You must be signed in to change notification settings - Fork 35
Home
Michael Boelen edited this page Feb 4, 2016
·
2 revisions
CISOfy promotes the usage of open technologies. We are opening up our security policy to the public, for others to see how we protect our data. Although we suggest using parts of the policy, consider always if something is in line with your type of organization and company goals.
- Security is not a one-time effort; it is an iterative process striving for continuous improvement.
- Deploying defenses in depth: Layer up security, so when one defense goes down, others will continue to work.
- Use sane and secure defaults: document the defaults, explain why that has been chosen.
- Too much security may hurt: don't overdo things, it could result in a
- Don't blame users - Share knowledge, provide safe defaults, and apply a fail-safe principle where possible.
Adversaries can be opportunistic, or highly motivated. In any case you want to protect what is valuable to your organization, or you personally.