Information security should protect the company's important assets, be transparent, unobtrusive and always up-to-date, and of course cost nothing. There is not a magic formula to achieve all this but with a structured approach you can fulfill at least two of these five wishes: High levels of protection and always up-to-date.
The first step: The organizational security policy
As hard as it might be, the simple premise of making fundamental considerations at the start of a project also applies to IT security. An organizational security policy governs all areas of information security within an organization. It describes the most important factors relevant to IT security for the company and should include references to regulatory requirements, industry standards, internal compliance requirements and best practices.
Read more in our blog VPN Haus.