RE: Interagency Security Policy Assistance

["Lafosse, Ricardo" <rlafosse () sfwmd gov>]

Thank you all for your assistance.
Cheers,

Rico

-----Original Message-----
From: Hornsby, Steven W. (CMS/OFM) [mailto:Steven.Hornsby () CMS hhs gov] 
Sent: 07 March, 2008 7:23 AM
To: Abimbola, Abiola; Lafosse, Ricardo;
security-basics () securityfocus com
Subject: RE: Interagency Security Policy Assistance

Rico,

You may want to have a system interconnection policy, that states what
type of connection can be established and information can be shared
ect... it's also helpful to have a Non- Disclosure Agreement(NDA) with
all parties that connect to your environment if your information system
contains sensitive data.

 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Abimbola, Abiola
Sent: Thursday, March 06, 2008 4:42 AM
To: Lafosse, Ricardo; security-basics () securityfocus com
Subject: RE: Interagency Security Policy Assistance

Hi Rico ,

You can call the policy 3rd party logical access control policy. 
You should also look into checking for updated anti virus products on
the 3rd party machine, security parch level and for the 3rd party to
sign agreement to your company computer use policy, data protection and
other legislation.

Good luck

Abiola Abimbola
Information Security Analyst
BSkyB (England)
111-5409
-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Lafosse, Ricardo
Sent: 05 March 2008 19:54
To: security-basics () securityfocus com
Subject: Interagency Security Policy Assistance



Good Afternoon All,

I am working on creating a security policy that specifically dictates
what specific agencies may enter our network and what protocols are
allowed to enter our network. 
A little more clarification:
The specific agencies are directly connected to our network with
firewalls at our borders. 
I need some suggestions on what to call the policy and if it should just
be a bulleted list or not.
Thanks for all your inputs,

Cheers,

Rico


-----------------------------------------
Information in this email including any attachments may be
privileged, confidential and is intended exclusively for the
addressee. The views expressed may not be official policy, but the
personal views of the originator. If you have received it in error,
please notify the sender by return e-mail and delete it from your
system. You should not reproduce, distribute, store, retransmit,
use or disclose its contents to anyone.

Please note we reserve the right to monitor all e-mail
communication through our internal and external networks.

SKY and the SKY marks are trade marks of British Sky Broadcasting
Group plc and are used under licence. British Sky Broadcasting
Limited (Registration No. 2906991), Sky Interactive Limited
(Registration No. 3554332), Sky-In-Home Service Limited
(Registration No. 2067075) and Sky Subscribers Services Limited
(Registration No. 2340150) are direct or indirect subsidiaries of
British Sky Broadcasting Group plc (Registration No. 2247735). All
of the companies mentioned in this paragraph are incorporated in
England and Wales and share the same registered office at Grant
Way, Isleworth, Middlesex TW7 5QD.