Network
- This is a preview of the essay.
To view the full text you must login!
Security Policy
It is important for a business to implement a comprehensive security policy for their enterprise. The primary objectives of any security policy should be to maintain the Confidentiality, Integrity and Availability of all corporate assets and communications. "Confidentiality" keeps information from unauthorised or accidental disclosure. "Integrity" protects information from unauthorised or accidental modification, and "availability" ensures reliable access of information when and where it's needed. The security policy should embrace all three of these objectives when addressing potential threats to the enterprise.
The most effective security design leverages the capabilities of all components of an enterprise network. Providing multiple layers of locks, checks and limits creates "Defence In Depth," assuring that threats are localised with minimal impact on the organisation. A typical security policy will include a series of rules to ensure not only that corporate data assets are protected, but that access to and transmission of information is based on the specific goals and objectives of the organisation. Complete assessments of all corporate resources, roles of individuals, and risk evaluations are some of the fundamental elements that must be built into a security policy.
Once a security policy has been developed and adopted, it must be placed into practice...