SANS has a great collection of canned policies that are VERY thorough. Grab
em
-Original Message-
From: Tim Medley
To: [EMAIL PROTECTED]
Sent: 8/28/2002 5:52 PM
Subject: RE: Security Policy [7:52061]
I'd be interested in something like this too, to use as a template.
Perhaps someone
Policy is not a place to put detailed information. it is a place to state
how management feel about the importance of security in the orgazation, and
who should execute further security practices.
Procedure is a detailed step by step on how to do things. Guidelines is a
generic approach of a
Howard C. Berkowitz wrote:
Password structure is too detailed for the security policy,
although
it's necessary in the security design. The policy should state
something on the order that people must protect their
passwords,
whether they can or cannot change their own, etc.
OK, the
Howard C. Berkowitz wrote:
Password structure is too detailed for the security policy,
although
it's necessary in the security design. The policy should state
something on the order that people must protect their
passwords,
whether they can or cannot change their own, etc.
OK, the
I'd be interested in something like this too, to use as a template.
Perhaps someone has a generic dummy security policy from a class or
something they can share.
tm
Tim Medley, CCNP+Voice, CCDP, CWNA
Sr. Network Architect
VoIP Group
iReadyWorld
-Original Message-
From: John Brandis
While security policies need to be unique per organization, there are some
common elements that can be recycled.
Just to give an example, how about the handling of passwords? Really, do
you need to re-create the piece of the policy that says passwords need to be
protected, must be of a certain
While security policies need to be unique per organization, there are some
common elements that can be recycled.
Just to give an example, how about the handling of passwords? Really, do
you need to re-create the piece of the policy that says passwords need to be
protected, must be of a certain
Hello John,
It might be difficult to get a company security policy. Usually the
security policy is internal use only. The second reason is, there should be
no general templates for security policy, as each company is unique and has
different preferences in taking risks.
There are some books
I think this will help you.
http://www.cisco.com/warp/public/126/secpol.html
Regards,
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7i=52067t=52061
--
FAQ, list archives, and subscription info:
John,
Security policy are for internal use and each security policy varies from
company to company. If you do
a search on the net for security policy) you will find plenty of
information that will help you to accomplish
your goal. There is a lot of information on the Cisco web site, A good
At 11:01 AM + 8/26/02, Juan Blanco wrote:
John,
Security policy are for internal use and each security policy varies from
company to company. If you do
a search on the net for security policy) you will find plenty of
information that will help you to accomplish
your goal. There is a lot of
11 matches
Mail list logo
