- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Security Policy: What it is and Why - The Basics
- Abstract
- A security policy is nothing more than a well-written strategy on protecting and maintaining availability to your network and it's resources. By having a well-written policy that covers the following areas, you should be able to react and recover from most situations in minimal time: 1) Risk Assessments 2) Password Policies 3) Administrative Responsibilities 4) User Responsibilities 5) E-mail Policies 6) Internet Policies 7) Disaster Recovery and 8) Intrusion Detection. But regardless of whether you are on a Local Area Network (LAN) connected or not connected to the Internet, or the CIO responsible for a large Wide Area Network (WAN), a security policy is a must. So, with the following information I hope to give you a basic overview of what a Security Policy is and why you would want one.