Security policies–where to start

Written by on Wednesday, March 5, 2008 6:14 - 0 Comments

If you tell IT managers they need to create a formal, written security policy for their company (many small- and mid-sized companies don’t have one) what’s the first thing they’ll say in response?

If you tell IT managers they need to create a formal, written security policy for their company (many small- and mid-sized companies don’t have one) what’s the first thing they’ll say in response?

“Can you show me a template I can use to create one?”

That’s wrong thinking. You don’t want to create your security policy based on some general set of principles abstracted from companies in various business sectors. Instead, you want to base your security policy on your own company’s needs and nothing else. What information assets does your company have that need protecting? What risks do these assets realistically face? Prioritize your assets according to value and risks according to likelihood. Then create a policy that addresses each risk appropriately. ')}

Article written by MyComputerAid.com



Leave a Reply

You must be logged in to post a comment.

2003 server - Sep 30, 2008 22:34 - 0 Comments

instant messaging srv records

More In Computers & PC


Microsoft Outlook - Mar 22, 2009 11:22 - 0 Comments

Outlook: Duplicates in Mailbox

More In Computers & PC