This is the first in a series of four articles devoted to discussing about how information security policies can be used as an active part of an organization's efforts to protect its valuable information assets. In a world that is essentially technology driven; where the latest IIS exploit is countered with a mad rush to install the relevant patch and where the number of different operating systems in a network exceeds the number of hairs on the security administrator's head that haven't turned gray, policies give us an opportunity to change the pace, slow things down and play the game on our own terms. Policies allow organizations to set practices and procedures in place that will reduce the likelihood of an attack or an incident and will minimize the damage caused that such an incident can cause, should one occur.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
