Writing Information Security Policies

Scott Barman

216 pages, parution le 04/02/2002

Ajouter à une liste

Indisponible

Résumé

Administrators, more technically savvy than their managers, have started to secure the networks in a way they see as appropriate. When management catches up to the notion that security is important, system administrators have already altered the goals and business practices. Although they may be grateful to these people for keeping the network secure, their efforts do not account for all assets and business requirementsFinally, someone decides it is time to write a security policy. Management is told of the necessity of the policy document, and they support its development. A manager or administrator is assigned to the task and told to come up with something, and fast!Once security policies are written, they must be treated as living documents. As technology and business requirements change, the policy must be updated to reflect the new environment—at least one review per year. Additionally, policies must include provisions for security awareness and enforcement while not impeding corporate goals. This book serves as a guide to writing and maintaining these all-important security policies.

Contents

Starting the policy process

What information security policies are
Determining your policy needs
Information security responsabilities

Writing the security policies

Physical security
Authentication and network security
Internet security policies
Email security policies
Viruses, worms, and Trojan horses
Encryption
Software development policies

Maintaining the policies

Acceptable use policies
Compliance and enforcement
The policy review process

Appendixes

Glossary
Resources
Sample policies

Caractéristiques techniques

	PAPIER
Éditeur(s)	New Riders
Auteur(s)	Scott Barman
Parution	04/02/2002
Nb. de pages	216
Format	17,8 x 22,8
Couverture	Broché
Poids	368g
Intérieur	Noir et Blanc
EAN13	9781578702640