What Is a Security Policy?


The Site Security Handbook (RFC 2196) states the following:

The main purpose of a security policy is to inform users, staff, and managers of their obligatory requirements for protecting technology and information assets.

A security policy is vital to any organization and provides a framework within which people can work safely. The policy gives staff clear information about their responsibilities in handling resources and information. In addition, the policy defines acceptable use and lists any prohibited activities. Establishing a security policy lessens the risk of a potential security breach. For example, by raising awareness about how someone can inadvertently divulge information through improper use of the Internet, a company can limit the threat of this occurring.

The policy is also a living, ever-changing document that describes what assets you are trying to protect, from whom you are trying to protect them, what threats are likely, and how you intend to provide this protection. The document can be 1 to 2 pages or 1400 pages long, depending on what you want to cover.



    Penetration Testing and Network Defense
    ISBN: 1587052083
    EAN: 2147483647
    Year: 2005
    Pages: 209
