Microsoft has numerous "Best Practices" papers and worksheets. You can also start with the DoD policies, but you'll probably die of old age before you even get done reading them.
The problem with all of the current policies that you can probably find by DoD / SANS / Microsoft is they don't conform to your SMB (Small to medium biz). Best I can recommend is shooting the guys at SMB Minute an email and asking them. They are a podcast that focuses on security in SMBs. Hope this helps. -- Rob Fuller | Mubix Room362.com | Hak5.org | TheAcademyPro.com Ignore this: x5o...@ap[4\pzx54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* On Wed, Apr 14, 2010 at 12:12 PM, Craig Freyman <[email protected]> wrote: > I have to write a security policy for our company. We are a mall shop, and > the "policy" that is in place is a mess. Are there any specific templates > the group recommends? > I see that SANS has a number of very specific policies but was wondering if > there was an overall template that people find effective. > Thanks, > Craig > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
