Managers get security tips for systems
06-26-2008, Tulsa World - Angel Riggs
http://www.tulsaworld.com/busi . . . 0304_Bu_E1_Manag9973
A TCC seminar attracts more than 60 business leaders.


Employers need a clear computer-use policy with routine checks to help secure their systems from worker misuse, business leaders were told Friday at a Tulsa Community College seminar designed to make company leaders aware of security risks.

"Cyber Security -- Protecting Your Business Information," a one-day workshop, was designed to help professionals without in-depth information technology experience understand not only outside threats to their systems but also those posed by employees.

"We all need to know how to minimize our risks," said Sandra Massey, campus provost at TCC.

The seminar attracted more than 60 business leaders to sessions on several computer problems, from virus and spyware issues to computer forensics and crimes.

Gavin Manes, president and research director at Oklahoma Digital Forensics Professionals Inc., said in his lunchtime keynote address that business leaders must be more aware of threats to their systems.

"A lot of the examples are giving a lot of vocabulary to people who aren't technical," said Manes, who's also an assistant professor at the University of Tulsa.

His speech focused on digital forensics and the variety of problems that can stem from the misuse of workplace technology by employees.

Businesses need computer-use policies in addition to their drug testing and sexual harassment policies, he said.

"You might have security threats from nontraining," he said. That is, employees may not realize how their actions on a computer could jeopardize the company's cyber security.

"They don't understand that their systems might be loose-lipped," Manes said.

However, employers also should be aware of risks posed by employees, he said. Companies can be harmed by workers using their computers for anything from accessing unauthorized Web sites to theft.

And, he said, companies should be able to properly handle digital evidence.

"You've got to keep up to date."

Organizations such as TCC are increasingly offering seminars on digital security, he said. The more education on the topic employers get, the better they'll be able to work with their IT employees.

"The first thing an employer has to do is make a decision that they have to grow and learn," Manes said.