Appendix C. Sample Security Policies

To give you a flavor of security policy wording and scope, this appendix includes three sample security policies in use by an organization. For more information on security policies, refer to Chapter 2, “Security Policies and Operations Life Cycle.” For more sample policies, check out the SANS security policy website at the following URL: http://www.sans.org/resources/policies/.

INFOSEC Acceptable Use Policy

Here is one company’s acceptable use policy. Notice that even though this is the most essential security policy you will write, this one is relatively short.

1.0 Overview

INFOSEC’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to <Company Name>’s ...

Get Network Security Architectures now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.