InfoSec Spring Cleaning


It’s that time of year again, spring is in the air in much of the US. That usually means it’s time to do a little clean up work around your organization.

Now is a good time to:

  • Review policies, processes and exceptions and make sure they are current and all still apply.
  • Check for expired accounts or accounts that should have their passwords changed – especially service accounts.
  • Update your awareness program and plan for activities and areas of key focus for the rest of the year
  • Review all cryptographic certificates and such to make sure none have expired or close to expiration
  • Begin to plan your staff coverage for IT vacations, the summer events and the time when staff is usually reduced for the summer
  • Begin the process of hiring those summer interns
  • Review the logs and archives and back them up or destroy them as needed
  • Any other periodic or seasonal security planning activities

Now is a very good time to do all of these things. It is also a good time to put together your plans for the rest of year and make sure that first quarter hasn’t broken your budget already. 😉

Are there other security spring cleaning items your team does every year? If so, drop us a comment and share your plans with others. More brains are better than one!

This entry was posted in General InfoSec by Brent Huston. Bookmark the permalink.

About Brent Huston

I am the CEO of MicroSolved, Inc. and a security evangelist. I have spent the last 20+ years working to make the Internet safer for everyone on a global scale. I believe the Internet has the capability to contribute to the next great leap for mankind, and I want to help make that happen!

Leave a Reply