This week we are discussing information security plans. I’m
sure many people have seen these and had to read them at some point at work,
but what about at home? The linked article gives a great example of
enforcing some InfoSec at home, with a demographic that may not be
savvy enough to understand the trouble they can get into without it.
First of all, let’s cover the benefit of explicit rules such
as these. The crux of computer issues comes from human error. If we examine the
McCumber Cube, education and policy seem to stand out as the areas where the
user can screw up. A perfect system is only that way until someone who doesn’t
know how to use it does.
Phones are just tiny computers, more powerful now than any computer
I played DOOM on growing up, and kids are getting them. I wasn’t allowed on the
internet when my parents weren’t home in middle school, and these devices are
connected to the internet all the time. There is a need for rules: policies
outlined explicitly so the user understands the authorized uses of a device and
their own responsibilities.
The linked list includes a lot of social, parenting, and
politeness type rules, but it also includes some great rules regarding
information security. Chief among them, and I think it matches places of
employment for adults, is that the phone does not belong to the child and the
password will always be known by the true owner. This seems to jibe with
corporate policies about browsing Facebook all day instead of getting work
done: the machine is there for a reason and the corporation will check and see
that you are using it as such.
The acceptable and unacceptable uses of this technology are
clearly outlined. So while this may not cover all the parts of a traditional
Enterprise Information Security Policy, I think it’s going to serve this parent
and child very well.