Interested to Buy Any Domain ? << Click Here >> for more details...
What is a security policy?
- 1 Answers
- 5705 Views
- I also Faced
- E-Mail Answers
Answer / yogendra
So the first inevitable question we need to ask is, “what
exactly is a security policy”? Well, a policy would be some
form of documentation that is created to enforce specific
rules or regulations and keep a structure on procedures.
Here, in the context of ‘security’, is simply a policy
based around procedures revolving around security. Think of
any other kind of policy… a disaster recovery policy is a
set of procedures, rules and plans revolving around having
a disaster and how to recover from it. Security polices are
much the same. Ok, now that you have the general idea now,
lets talk about what the security policy will generally
provide. Remember… a security policy is the foundation and
structure in which you can ensure your comprehensive
security program can be developed under. If I can make an
analogy, a security policy is like the spine, and the
firewalls, IDS systems and other infrastructure is the meat
and flesh covering it up. There are a great many things you
will need to understand before you can define your own.
Security policies are generally overlooked, not implemented
or thought of when it’s already too late. To keep you in
the loop on what this means, we can flip flop back to the
example I first stated with the Porn Surfer… It doesn’t
help ‘after’ the fact when your dealing with a court case,
if you had a policy in place to keep people informed about
what it is they can or cannot do (like surf the web during
business hours hitting sites that are not business related)
they may not do it in the first place, and If they do, you
have a tool (the policy) to hold them accountable.
So, now that we understand the fundamentals of what a
security policy is, lets sum it up in one sentence before
we move forward… A security policy is a living document
that allows an organization and its management team to draw
very clear and understandable objectives, goals, rules and
formal procedures that help to define the overall security
posture and architecture for said organization. This
article will cover the most important facts about how to
plan for and define a security policy of your own, and most
of all, to get you to think about it – whether you already
have one or not.
A security policy must also be created with a lot of
thought and process. You can make a security policy too
restrictive. If you do, you could cause a lot of strain on
your employees, who may be accustomed to one way of doing
business, and it may take awhile to grow them into a more
restrictive security posture based on your policy. A
security policy should contain some important functions and
they are as follows.
| Is This Answer Correct ? | 3 Yes | 0 No |
explain how do we do authentication with message digest(md5)? (Usually md is used for finding tampering of data)
What are the data units at different layers of the TCP / IP protocol suite
What is an information security management system (isms)?
Why we called Active directory is active?
11 Answers ATS, Spectrum, Symantec, TCS,
What are the possible ways of data exchange
What is the difference between arp & rarp?
What is cloud security?
What do you do when you get blue screen in a computer? How do you troubleshoot it?
Explain how do we use rsa for both authentication and secrecy?
How does traceroute work? Now how does traceroute make sure that the packet follows the same path that a previous (with ttl - 1) probe packet went in?
What are the types fo ddos attacks?
What is Firewall? I saw in one website Firewall is software and hardware and combination of software and hardware.It is used to protect user information or avoiding crackers.how it is?Whether it is hardware?If not then why the images are like that?(a wall ).Please help me by answering this question.Advance thanks.
Networking Protocols 
