Making Security Policies Memorable: the First Line of Defense
Bradley K. Jensen, Janet L Bailey, Shawn Baar

Abstract
The increase in security threats comes at a time when the corporate workforce is becoming more mobile, employees’ need to collaborate both internally and with business partners is increasing, and corporations are facing escalating federal and state legislative scrutiny. As vulnerabilities and breaches rise and costs due to lost customer data spiral out of control, it is not surprising security remains a top concern for CIO’s. The first line of defense against this ever-encroaching enemy is a well-written, well-communicated, and well-enforced information security policy. However, policies are only effective if employees can remember the important information contained in them. Business professionals participated in a study which showed color can be used to assist in retention and recall of important policy information.

Full Text: PDF