Inform users about security provisions in place
- Establish rules for usage of external devices (e.g. usb devices, personal devices, ecc…) at work/home
- Create a process for a prompt and shared reaction in case of data breach and inform users to increase trust.
- Perform auditing and drills, and establish processes/routines to control possible mistakes of employees and/or respond to incidents.