Reasons for a Security Policy


You are probably deploying Check Point NG to protect something. Do you know what you are protecting, what you are protecting it from, and how you are protecting it? Before you can effectively deploy any security control, especially a powerful tool like Check Point NG, you need to have an information security policy. This is not to be confused with the Check Point Security Policy, which, according to Check Point is "Defined in terms of a Rule Base and [FW-1 NG] Properties." No, we are talking about an enterprise-wide information security policy that includes an Executive Security Policy, accompanied by standards, guidelines, and procedures for implementing and maintaining an information security program.

Many organizations are now seeing the need to have an articulated information security policy. Having such a policy is making organizations more effective in their preventative, detective, and responsive security measures. Moreover, as a result of government regulations, organizations in certain vertical industries are required to have formally documented information security policies.

In addition, an information security policy is also extremely beneficial to the security manager because it provides, at an executive level, a mandated framework for ensuring the confidentiality, integrity, and availability of an organization's information assets. What this means is that the security manager has some weight in his or her corner for budget requests when he or she has an approved information security policy.

Finally, for the security administrator, having a written and approved policy can ensure that you are able to deploy Check Point NG in a way that minimizes disruption to business. Think of the written policy as a recipe to ensure that you configure everything correctly. Not to mention that a policy is the best way to ensure you will keep your job, should something happen.




The Best Damn Firewall Book Period
The Best Damn Firewall Book Period
ISBN: 1931836906
EAN: 2147483647
Year: 2003
Pages: 240

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net