Why Your Organization Needs Security Policies
November 14, 2012If you are trying to keep your network secure from unauthorized access, creating security policies is an exercise in understanding what needs to be secured. Security policies serve many purposes and are the foundation of your security framework.
Security policies are the foundation of your secure infrastructure. Your security policies serve as a guide and a reference point to numerous security tasks in your organization including:
- Securing applications
- Configuring user access controls
- Defining management duties and responsibilities
- Assuring standardization and consistency
- Retaining confidential and proprietary information
- Designing enterprise architecture
- Mitigating risk
- Responding to security incident investigations
- Disciplining employees for breach of policy
- Minimizing liabilities to customers and shareholders
- Assisting auditors in understanding security intentions
- Establishing a sense of awareness and training
- Avoiding disputes with different technical teams
- Expediting procurement and deployment of new systems
Without security policies, no enforcement of security configurations or standards can be made. By establishing a policy, you are implying that enforcement can or will follow. Without security policies, enforcement of them is not possible.
www.bestitdocuments.com