| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Policy Guides
|
|
Sample Policies
|
|
Experiences with Password Policies This article has been written based on my own experiences while performing penetration testing and security audits for large and small organizations domestic and abroad. This article is targeted at providing a better understanding of the weaknesses that often surrounds the choice and change of passwords on both administrative and technical levels, and gives ideas on how to reduce such risks.
Per Thorsheim ,
06/30/2005
|
|
Development of an Effective Communications Use Policy Development of a good Communications Use Policy (also called an Acceptable Use Policy) is the cornerstone of a strong information security program. As an Information Security Professional, the development and implementation of such a policy is one of the most effective tools that you have for insuring the proper use of your company’s information systems.
By Tim O' Neil, 05/11/2004
|
|
Managing Internet Use: Big Brother or Due Diligence? Internet access has become an established business tool, taken for granted along with email, telephone and facsimile. Like these other media, giving staff access to the Internet has risks – will they spend all day downloading porn or swapping chat messages with their friends? Will they infect the network with viruses or publish company secrets?
By Steve Greenham, 05/11/2004
|
|
Security Policy: What it is and Why - The Basics So, with the following information I hope to give you a basic overview of what a Security Policy is and why you would want one. From here lets move on to some of the areas mentioned above and why they are so important to you, your business, customers, administrators, and users. Basically everyone involved.
By Joel S. Bowden, 05/11/2004
|
|
Developing Security Policies For Protecting Corporate Assets The Digital revolution of the 21st Century has not been achieved without its consequences. Real time business requirements and economic drivers have forced rapid changes to the methods used to conduct business-to-business and business to client communication. The Internet has now become a convenient and economic deployment medium for global business.
By Jasu Mistry, 05/11/2004
|
|
Developing Effective Information Systems Security Policies This paper takes a top-down approach and provides a high-level overview for developing effective information systems policies. The opening section describes the importance of management commitment. A management oversight committee is introduced as the primary team representing an organization for the purposes of implementing an information systems security program based on policy.
By R Daniel Lee, 05/11/2004
|
|
Technical Writing for IT Security Policies in Five Easy Steps Management often tasks IT Security professionals with the creation of IT Security policies. Many good references exist to assist these professionals in policy writing. These resources describe what policies should contain in terms of purpose, scope, responsibility, etc. However, they don’t address the need of providing specific guidelines for the novice technical writer.
By J.Patrick Lindley, 05/11/2004
|
|
Security Policy Roadmap - Process for Creating Security Policies This paper presents a systematic approach in developing computer security policies and procedures. All the processes in the Policy Life Cycle will be discussed. In particular, it will list all the issues and factors that must be considered when setting up the policies. It makes some recommendations and suggestions on relevant areas and produces a framework for setting security policies and procedures.
By ChaiwKok Kee, 05/11/2004
|
|
Creating an Information Systems Security Policy The following paragraphs are going to be a general outline as to what should be included in an Information Systems (IS) Security Policy. This structure can be followed, whether one is writing a corporate, a departmental, or a local (branch, shop, etc.) IS Security Policy.
By Walter F. Patrick, 05/11/2004
|
|
An Overview of Corporate Computer User Policy A security policy should serve as the company’s constitution that governs how employees use the network and take care of both internal and external security issues. It should be well planned and periodically updated in order to reflect your company’s ever-changing challenges and the continuous evolution in the world of technology. Having said so, this paper will discuss what should be covered in a corporate computer user policy that sets the overall tone of an organization’s security approach.
By Philip J. Kaleewoun II, 05/07/2004
|
|
Page: 1 234 |
