What's Your Policy?
If your company doesn't have written security policies, it's time it did, and Mark Edwards has some resources to help.
Why Security Policies Fail
Objective analysis reveals that many breaches are linked to common weaknesses in the security policy...accidents waiting to happen. This article focuses on strategic and systematic weaknesses that can slowly degrade security operations.
Windows 2000 Group Policy and Security
The use of Group Policy to simplify the network security tasks that you face as a network administrator. With Group Policy, you can ensure that the machines on your network remain in a secure configuration after you deploy them.
Windows IT LIbrary
This paper offers wide ranging advice on the development and implementation of security policies.
World of Information Security Management
This site contains information on BS 7799 (ISO/IEC 17799)
Acceptable Use Policy Report
A report on Acceptable Usage Policy: what corporations expect of it, a case study, and a framework for creating your own policy.
Aelita Enterprise Directory Manager
Secure "Rules and Roles" management platform that facilitates secure Exchange and Active Directory administration.
AmiWall.org
Proxy based system to aid in implementing employee internet use policies.
The Basics of an IT Security Policy
This paper is intended to address the importance of having a written and enforceable Information Technology (IT) security policy, and to provide an overview of the necessary components of an effective policy.
Best Practices in Network Security
Knowing how and what to protect and what controls to put in place is difficult. It takes security management, including planning, policy development and the design of procedures.
Browsing with a Loaded Gun
A strong web Security Policy is key to keeping your company safe in the net-centric world. (PDF format)
Building and Implementing a Successful Information Security Policy
White paper providing the reader with new and innovative aspects on the process of building a Security Policy, as well as managing a Security Awareness Program. [PDF]
Building Effective, Tailored Information Security Policy
20th NISSC Internet Technical Security Policy Panel
Canada's Export Controls
Unofficial / unverified article describing Canada's export controls on cryptographic software.
CERT Practice Modules: Improving Security
Determine contractor ability to comply with your organization's security policy.
CERT Practice Modules: Responding to Intrusions
Establish policies and procedures for responding to intrusions.
CERT Practice Modules: Securing Desktop Workstations
Develop and promulgate an acceptable use policy for workstations.
CobiT User Group
International user group and hub for CobiT, the emerging IT control and security methodology.
Common Criteria Evaluation and Validation Scheme
The US government agency overseeing the Common Criteria security certification Program
Computer and Information Security Policy
Formal IT security policy helps establish standards for IT resource protection by assigning program management responsibilities and providing basic rules, guidelines, and definitions for everyone in the organization. Policy thus helps prevent inconsistencies that can introduce risks, and policy serves as a basis for the enforcement of more detailed rules and procedures.
Results: Previous 1 2 3 4 5 6 7 8 9 10 11 12 Next