Cyber security policy

Cyber security policy
Cyber security policy

In this article we will talk about Cyber security policy, and in previous article we already discussed about WHAT IS CONFIDENTIALITY IN DATA PROTECTION?.

A security policy is a set of security objectives for a company that includes rules of behavior for users and administrators and specifies system requirements. These objectives, rules, and requirements collectively ensure the security of a network, the data, and the computer systems within an organization.

Cyber security policy

A comprehensive security policy accomplishes several tasks:

  • It demonstrates an organization’s commitment to security.
  • It demonstrates an organization’s commitment to security.
  • It demonstrates an organization’s commitment to security.
  • It demonstrates an organization’s commitment to security.
  • It demonstrates an organization’s commitment to security.

Security policies inform users, staff, and managers of an organization’s requirements for protecting technology and information assets. A security policy also specifies the mechanisms needed to meet security requirements.

  • Identification and authentication policies – Specifies authorized persons that can have access to network resources and outlines verification procedures.
  • Password policies – Ensures passwords meet minimum requirements and are changed regularly.
  • Acceptable use policies – Identifies network resources and usage that are acceptable to the organization. It may also identify ramifications for policy violations.
  • Remote access policies – Identifies how remote users can access a network and what is remotely accessible.
  • Network maintenance policies – Specifies network device operating systems and end user application update procedures.
  • Incident handling policies – Describes how security incidents are handled.

One of the most common security policy components is an acceptable use policy (AUP). This component defines what users can and cannot do on the various system components. The AUP should be as explicit as possible to avoid misunderstanding. For example, an AUP lists specific websites, newsgroups, or bandwidth intensive applications that users cannot access using company computers or the company network.

1 Trackback / Pingback

  1. What is Authorization? - Cisco Education

Leave a Reply

Your email address will not be published.


*