< Day Day Up > |
The Site Security Handbook (RFC 2196) states the following:
A security policy is vital to any organization and provides a framework inside of which people can work safely. The policy provides staff with clear information about responsibilities in the handling of resources and information. In addition, the policy details the meaning of acceptable use and any prohibited activities. Establishing a security policy lessens the risk of a potential security breach. For example, by raising awareness about how someone can inadvertently divulge information by improper use of the Internet, a company can limit the threat of this occurring. The policy is also a living, ever-changing document that describes what assets you are trying to protect, from whom you are trying to protect them, what likely threat exists, and how you intend to provide this protection. The document can be 1 to 2 pages or 1400 pages long, depending on what you want to cover. |
< Day Day Up > |