5 days to save $500 for SANS Rocky Mountain 2013

Computer Security Policy Templates

Acceptable Encryption Policy

Defines requirements for encryption algorithms used within the organization.

Acceptable Use Policy

Defines acceptable use of equipment and computing services, and the appropriate employee security measures to protect the organization's corporate resources and proprietary information.

Application Service Provider Policy

Defines minimum security criteria that an ASP must execute in order to be considered for use on a project by the organization.

Application Service Provider Standards

Outlines the minimum security standards for the ASP. This policy is referenced in the ASP Policy above.

Computer Disaster Recovery Plan Policy

Robert Comella
View Computer Disaster Recovery Plan (PDF) (46KB)
SANS Technology Institute White Paper Project
July 2009

Computer Disaster Recovery Plan - Poster

Robert Comella
View Computer Disaster Recovery Plan (PDF) (3.22MB)
SANS Technology Institute White Paper Project
July 2009

Database Credentials Coding Policy

Defines requirements for securely storing and retrieving database usernames and passwords.

End User Encryption Key Protection Policy

Rick D. Smith
View End User Encryption Key Protection Policy (PDF) (92KB)
SANS Technology Institute White Paper Project
August 2009

End User Encryption Key Protection - Poster

Rick D. Smith
View End User Encryption Key Protection Poster (PDF) (207KB)
SANS Technology Institute White Paper Project
August 2009

Password Protection Policy

Defines standards for creating, protecting, and changing strong passwords.

Software Installation Policy

John Brozycki
View Software Installation Policy (PDF) (16KB)
SANS Technology Institute White Paper Project
November 2007

Software Installation Policy - Poster

John Brozycki
View Software Installation Policy Poster PDF (868KB)
SANS Technology Institute White Paper Project
November 2007

Workstation Security Policy

Russell Meyer
View Workstation Security Policy (Word Doc) (52KB)
SANS Technology Institute White Paper Project
February 2008

Workstation Security - Poster

Russell Meyer
View Workstation Security Poster (Word Doc) (1.1MB)
SANS Technology Institute White Paper Project
February 2008

information security policy course

Management 514: Information Security Policy In Depth Course

Download Course
Excerpts Below

Infosec Policy Excerpt (pdf)
Infosec Policy Excerpt (pptx)

Latest Whitepapers

Securing BYOD With Network Access Control, a Case Study
By Lawrence Orans

Event Monitoring and Incident Response
By Ryan Boyle

Dead Linux Machines Do Tell Tales
By James Fung

Latest Tweets

SANS San Francisco 2013 offers 7 courses to boost your Cyber [...]
May 23, 2013 - 3:06 PM

Excellent blog post by @MarkBaggett on pen testing MS SQL vi [...]
May 22, 2013 - 7:39 PM

#appsec "WhatWorks in AppSec: Log Forging" http://t.co/Gsq91O7UAH
May 22, 2013 - 10:00 AM

Contact Us

(301) 654-SANS (7267)
Mon-Fri 9am - 8pm EST/EDT
info@sans.org

"It has really been an eye opener concerning the depth of security training & awareness that SANS has to offer."
- Michael Hall, Drivesavers

"The perfect balance of theory and hands-on experience."
- James D. Perry II, University of Tennessee

"SANS is a great place to enhance your technical and hands-on skills and tools. I thoroughly recommend it."
- Aaron Waugh, Datacom NZ Ltd