Security Basics mailing list archives
RE: Need help with security policies.
From: "Dean De Beer" <ddb () plazacollege edu>
Date: Wed, 12 Oct 2005 15:31:26 -0400
You might want to check out the sample policies on the SANS website. http://www.sans.org/resources/policies/ -----Original Message----- From: Gettin Phunky [mailto:phunkodelic () gmail com] Sent: Tuesday, October 11, 2005 8:20 PM To: security-basics () securityfocus com Subject: Need help with security policies. I work for a mid size company with about 500 employees and run a network of 200+ nodes. I have thus far written a "general usage policy" for all my users. It entails general network usage, email usage, hacking stuff (software, systems, hardware), and there general IT rights. It was written in terms of protecting the company form legal issues and to inform the user of their system rights and what will happen should those rights be violated. It was reviewed and signed off on by managment. Now all employees who start employement read it and sign it stating they have read and understand it. With that being said I am looking at writing general polices for the company and was wondering where to start. What type of polices, what framework (document template), and content should be included. Is what I have done already enough? I don't want to go too deep as we are only a medium size company with an IT department of three people, but at the same time I feel we are lacking something Any advice would be greatly appreciated Thanks!
Current thread:
- Need help with security policies. Gettin Phunky (Oct 12)
- RE: Need help with security policies. Dean De Beer (Oct 12)
- <Possible follow-ups>
- RE: Need help with security policies. Paul Marsh (Oct 12)
- Re: Need help with security policies. nfanelli (Oct 12)