Companies are expanding their data networks beyond traditional boundaries to meet their customers’ need for more resources and information. Customers interact with information on our networks. We allow and encourage our partners and contractors to access shared information. We store, process and transmit sensitive information that does not belong to us. We mix business networks with personal networks, such as social media sites like Facebook and Twitter.
As a result, businesses now need to document rules for protecting information and systems that store and process the information by writing a set of Information Security Policies.
Written Information Security Policy documents formally declare management’s intent to protect information and provide a high-level description of the various procedures and controls in place to protect confidential information. Formal and documented guidelines are required for compliance with various security and privacy regulations. Organizations that require audits of their internal systems for compliance with various regulations will use Information Security Policies as the reference for the audit.
Examples of Policies We’ve Developed
- Workstation and Windows PC policies
- Physical access to computing equipment and facilities
- Firewall configuration and policies
- Router configuration and policies
- Wireless access methods, practices, and policies
- VPN and dial-up security policies
- Laptop usage and network access policies
- Web usage policies
- E-mail usage policies
- WAN Links
- Server Operating Systems and user policies
- Workstation operating systems and data policies
- Patch management policies
- Backup strategies and business continuity plans
- Tape management practices
- Virus protection management practices
- Spyware/Malware avoidance management policies
- Intrusion detection mechanisms and strategies
- Password and other first or second level security policies
- Directory access policies
- Network authentication policies
- Vendor access policies
- Equipment disposal policies
- Change management policies
Find Out More
Sword & Shield has been outsmarting cyber-criminals and improving security for enterprises around the world since 1997. Fill out our Consultation Request form or call us so we can begin securing your future.
U.S. Toll-free: 800-810-1885