OSSTMM: Open Source Security Testing Methodology Manual
A widely used, peer-reviewed, comprehensive methodology for performing security tests.
An Overview of Corporate Computer User Policy
Article discusses the elements of a corporate security policy, which it calls the gateway to a company`s intellectual property. The main threat to information security within a company is its employees. [PDF]
PKI Policy Whitepaper
Provides general information about PKI policy, the role that policy plays in a PKI and how that policy applies to both traditional and PKI-enabled business environments. [PDF]
Policy Over Policing
InfoWorld article - It's easy to develop e-mail and Internet policies, but education and documentation are crucial to their success.
P3P Guiding Principles
Principles behind the W3C Platform for Privacy Preferences initiative.
Return on Information Security Investment
Assess your company's Return on Information Security Investment
RFC2196 (Site Security Handbook)
a guide to developing computer security policies and procedures for sites that have systems on the Internet. Published 1997.
SANS InfoSec Reading Room
Articles on security policy and other information security topics.
SecureZone
Information portal with focus on policies, protocols and standards
SecurityDocs
A substantial collection of papers and articles on the development and implementation of security policies.
Site Security Policy Development
This paper outlines some issues that the writer of a Site Computer Security Policy may need to consider when formulating such a document.
Structured Approach to Computer Security
A security policy is a set of rules written in general terms stating what is permitted and what is not permitted in a system during normal operation.
Understanding the Virus Threat and Developing Effective Anti-Virus Policy
This paper focuses on providing the reader with an overview of the current virus landscape and aids in developing best practice anti-virus policies.
U.S. Department of Health and Human Services
Security standards, transactions and code set standards, identifier standards, mailing lists, implementation guides, and administrative simplification.
What makes a good security policy and why is one necessary?
Security does not come from automated applications, rather it is compromised of security applications or systems, processes and procedures and the personnel to implement both the systems and processes. In order to properly address security, the most fundamental item necessary is a security policy.
What's Your Policy?
If your company doesn't have written security policies, it's time it did, and Mark Edwards has some resources to help.
Why Security Policies Fail
Objective analysis reveals that many breaches are linked to common weaknesses in the security policy...accidents waiting to happen. This article focuses on strategic and systematic weaknesses that can slowly degrade security operations.
Windows 2000 Group Policy and Security
The use of Group Policy to simplify the network security tasks that you face as a network administrator. With Group Policy, you can ensure that the machines on your network remain in a secure configuration after you deploy them.
Windows IT LIbrary
This paper offers wide ranging advice on the development and implementation of security policies.
World of Information Security Management
This site contains information on BS 7799 (ISO/IEC 17799)
Results: Previous 1 2 3 4 5 6 7 8 9 10 11 12
Site
Menu 
