Security Policy: What it is and Why - The Basics

A security policy is nothing more than a well-written strategy on protecting and maintaining availability to your network and it's resources. By having a well-written policy that covers the following areas, you should be able to react and recover from most situations in minimal time: 1) Risk Assessments 2) Password Policies 3) Administrative Responsibilities 4) User Responsibilities 5) E-mail Policies 6) Internet Policies 7) Disaster Recovery and 8) Intrusion Detection. But regardless of whether you are on a Local Area Network (LAN) connected or not connected to the Internet, or the CIO responsible for a large Wide Area Network (WAN), a security policy is a must. So, with the following information I hope to give you a basic overview of what a Security Policy is and why you would want one.