Ok, there seems to be quite a bit of interest in this, so instead of replying to
everyone individually, here's my story and in stickin to it!
Yes we've implemented a rather stringent security policy. I got them straight off the
SANS website:
http://www.sans.org/newlook/resources/policies/policies.htm
Just replace all the instances of <COMPANY NAME> with your company's name or
oranization. Then go through and tweak appropriately. There are also kits you can buy
for about $500.00 that also have boiler plate policies, heres and example:
http://www.baselinesoft.com/
Or if that's too much work for you, you can always pay a secruity company $10,000 to
do it for your you.
cheerios..
Marc.
+++++++++++++++++++++++
Marc Renner - Director http://ci.marysville.wa.us
Network Operations Dept. Mailto:[EMAIL PROTECTED]
City of Marysville, Wa. (360) 651-5000
ISSA Member # 10281 http://www.issa.org
+++++++++++++++++++++++
>>> "Eric S. Hines" <[EMAIL PROTECTED]> 06/19/00 12:02PM >>>
Thank God someone asked this question :) I have been looking for the same
writeups.. Even a sample..
==============================================================
Eric S. Hines [EMAIL PROTECTED]
Information Security Group (ISG) Pgr: (888) 887-2553
NUASIS Corporation Cell: (408) 807-4428
Email Pager: [EMAIL PROTECTED] Dir: (408) 350-4997
--------------------------------------------------------------
NUASIS Corporation Ph: (408) 350-4900
260 Gish Rd. Fx: (408) 350-4999
San Jose, Ca TF: (877) 9NUASIS
95112 CS: (877) NUCUSTOMER
==============================================================
"The art of war teaches us to rely not on the likelihood of
the enemy's not coming, but on our own readiness to receive
him; not on the chance of his not attacking, but rather on the
fact that we have made our position unassailable."
- Sun Tzu
The Art of War
==============================================================
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Richard Ginski
Sent: Monday, June 19, 2000 11:12 AM
To: [EMAIL PROTECTED]
Subject: Security Policies for Local Governments
Hopefully this is not too off topic:
I am looking for feedback from fellow security professionals who have
experiences with local governments (state, county, city). Could you please
let me know the success rate of implementing a security policy in these type
of organizations. In other words, do or did you not succeed in writing a
security policy for the organization? And, what references could you supply
me as a model for creating our own security policy.
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
