***“The mantra of any good security engineer is: Security is not a product, but a process. It’s more than designing strong cryptography into a system; it’s designing the entire system that all security measures, including cryptography, work together.”** - [Bruce Schneier](http://infosecphils.wordpress.com/infosec-quotes/)*
At OCI, security is the most critical component of our strategic plan and company values. In fact, it is the cornerstone of the foundation of OCI. As employees, information security policies and procedures are incorporated into every aspect of our daily activities. Ranging from facility security, to encrypted documents, to password protected mobile devices (to name a few examples), we live security every day.
As we continue to grow and are ever-improving our security protocols, we’ve identified a few key indicators of our security success.
Specifically, we look at the following items:
+ Security Policies
+ Organization of Information Security
+ Human Resources Security
+ Physical & Environmental Security
+ Communications & Operations Management
+ Access Control
+ Information systems acquisition, development and maintenance
+ Information security incident management
+ Business continuity management
+ Compliance
+ Management
We are constantly monitoring and measuring our security policies. *Are you evaluating your security procedures?* [Click here](http://www.oci.com/files/file/NewsletterOPT2%5B2%5D.pdf) to read about OCI’s tips for audit preparation, and stay tuned for more information about security updates at OCI. Also, always remember:
***“Passwords are like toothbrushes. They are best when new and should never be shared.”** - [Kara Kirschner-Brooks](http://www.nativeintelligence.com/ni-free/awareness-slogans.asp), CUDE; Learning & Development Specialist*