Network Security Policy

A network security policy is a generic document that outlines rules for computer network access, determines how policies are enforced and lays out some of the basic architecture of the company security/ network security environment. The document itself is usually several pages long and written by a committee. A security policy goes far beyond the simple idea of "keep the bad guys out". It's a very complex document, meant to govern data access, web-browsing habits, use of passwords and encryption, email attachments and more. It specifies these rules for individuals or groups of individuals throughout the company.

Security policy should keep the malicious users out and also exert control over potential risky users within your organization. The first step in creating a policy is to understand what information and services are available (and to which users), what the potential is for damage and whether any protection is already in place to prevent misuse.

In addition, the security policy should dictate a hierarchy of access permissions; that is, grant users access only to what is necessary for the completion of their work.

While writing the security document can be a major undertaking, a good start can be achieved by using a template. National Institute for Standards and Technology provides a security-policy guideline.

The policies could be expressed as a set of instructions that could be understood by special purpose network hardware dedicated for securing the network.

Famous quotes containing the words network, security and/or policy:

    A culture may be conceived as a network of beliefs and purposes in which any string in the net pulls and is pulled by the others, thus perpetually changing the configuration of the whole. If the cultural element called morals takes on a new shape, we must ask what other strings have pulled it out of line. It cannot be one solitary string, nor even the strings nearby, for the network is three-dimensional at least.
    Jacques Barzun (b. 1907)

    Thanks to recent trends in the theory of knowledge, history is now better aware of its own worth and unassailability than it formerly was. It is precisely in its inexact character, in the fact that it can never be normative and does not have to be, that its security lies.
    Johan Huizinga (1872–1945)

    The policy of dollar diplomacy is one that appeals alike to idealistic humanitarian sentiments, to dictates of sound policy, and strategy, and to legitimate commercial aims.
    William Howard Taft (1857–1930)