Network Security Policy

Before a network can be secured, a network security policy has to be established. A written network security policy defines the organization's expectations of proper computer and network use, and the procedures to prevent and respond to security incidents. A written network security policy is the foundation of security because it outlines what assets are worth protecting and what actions or inactions threaten the assets. The policy will weigh possible threats against the value of personal productivity and efficiency, and identify the corporate assets which need different levels of protection. Without a written network security policy, a proper security framework cannot be established. Employees cannot refer to any established standards and security controls would be circumvented for the sake of increasing efficiency.

Security policies are an absolute must for any organization. They provide the framework that holds it all together.

Some important details regarding written network security policies are:

  • Policies define appropriate behavior.
  • Policies set the stage in terms of what tools and procedures are needed.
  • Policies communicate a consensus.
  • Policies provide a foundation for HR action in response to inappropriate behavior.
  • Policies may assist in the prosecution of extreme cases.

Key policies are:

  • Acceptable use policy
  • Remote access policy
  • Information protection policy
  • Perimeter security management policy

Sample policies:

               
 
© Micro Symplex, Inc. - Terms of Use | Privacy Policy | Contact Us