Policies You Must Have
Policies can govern just about any facet of the workplace and employment. You can, in fact, have so many policies that you introduce paralysis among employees for fear of violating one. Depending on the size of your organization, you may be able to function with only a few, or you may need several hundred. Regardless of that number, the policies discussed in this section apply to security for all organizations and include data loss/theft, least privilege, separation of duties, time of day restrictions, mandatory vacations, and job rotation. Some of these were discussed in passing in previous chapters as they related to other topics, but all are covered in adequate depth for the Security+ exam here.
When creating policies, ...
Get CompTIA® Security+™: Study Guide, Fifth Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.