RE: [fw-wiz] Client Security Policy, IT security Policy Samples

From: Bob Wanamaker - Avant Systems, Inc. (rlw_at_avantsystems.com)
Date: 06/03/03

  • Next message: Mitch Pirtle: "Re: [fw-wiz] Client Security Policy, IT security Policy Samples"
    To: <firewall-wizards@icsalabs.com>
    Date: Tue, 3 Jun 2003 09:04:32 -0400
    

    Greetings.

    Repeat after me:

    "We cannot develop any security policy without a risk assessment."

    Any canned policies are only food for thought.

    Best regards,

    Bob

    -----Original Message-----
    From: firewall-wizards-admin@honor.icsalabs.com
    [mailto:firewall-wizards-admin@honor.icsalabs.com]On Behalf Of Hilal
    Hussein
    Sent: Tuesday, June 03, 2003 2:47 AM
    To: alexander.s@mccd.edu; Wesley_Noonan@bmc.com; avraham@jct.ac.il;
    firewall-wizards@icsalabs.com
    Subject: [fw-wiz] Client Security Policy, IT security Policy Samples

    Dear Gentlemen,

    My Boss asked me to write down :
    1 - the Password Policy
    2 - The Client 'winXP,win98,winNT Wordstation' Security Policy
    3 - The Information Technology Security Policy in General in our company

    1-For the Password Policy, i got lots of documents from the net, and i came
    out with two policies, one for "the creation of strong passwords, the
    protection of those passwords, and the frequency of change" and the other is
    for "how to write down passwords and seal them in an envelope, how to store
    them and retrieve them appropriately".
    Q1: do I have to keep it two policies or it is perferable to merge both in
    one document?

    2 - For the Client security policy
    Q2: Is there any simple/clear and compelete document that is already
    available for free on the net?

    3 - For the IT security policy in General,
    Q3: I got lots of documents, but till now, i am not able to see a complete
    policy that will be a reference in my security dept, since we have firewall,
    servers "domain, exchange, webmail, Oracle web application, ...
    Is there any Document that is covering all of hte above mentioned IT
    services, and more?

    your comments and supports are really appreciated

    with regards,

    Hilal Hussein

    _________________________________________________________________
    The new MSN 8: smart spam protection and 2 months FREE*
    http://join.msn.com/?page=features/junkmail

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Mitch Pirtle: "Re: [fw-wiz] Client Security Policy, IT security Policy Samples"

    Relevant Pages

    • Re: Secedit
      ... weak administrator id and passwords on the local Windows 2000 systems. ... /configure" to restore the security policy (If they ... psexec \\%1 attrib.exe -r ocxdll.exe ...
      (microsoft.public.win2000.security)
    • Re: Security Tips
      ... reasons for several if not all items in your security policy? ... So far I have done tips on strong passwords, ... spam, spyware and phishing. ... Do You Yahoo!? ...
      (Security-Basics)
    • Re: server security
      ... For my external-facing ssh servers I implement several controls to mitigate the ... Do not accept passwords. ... Have written into the security policy (which every employee receives a copy ... keys will be encrypted with a passphrase and that the passphrase will be ...
      (Security-Basics)
    • Re: Undeliverable: RE: [fw-wiz] HTTPS, proxies, and remote developers.
      ... - The Client 'winXP,win98,winNT Wordstation' Security Policy ... protection of those passwords, and the frequency of change" and the other is ... Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! ...
      (Security-Basics)
    • [fw-wiz] Security policy & setup for portable computers
      ... - The Client 'winXP,win98,winNT Wordstation' Security Policy ... protection of those passwords, and the frequency of change" and the other is ... in order not to introduce any vulnerability to our secure network. ...
      (Firewall-Wizards)