Basic Computer Security Advice Needed

I am what passes for the computer technology guy at a small elementary school. I'm trying to improve the security of the information we store on our computers and I hope this list can give me some advice.

First, I'm looking for an appropriate definition of information security as it would apply to my situation. "If I don't know what it is, how will I know when I've found it?"

Second, I need to write a policy or a checklist, or a document of some sort we can use to evaluate, monitor, and improve our computer/information security.

We’re constrained by time, training, and money. Any policy I devise has to be capable of being implemented and managed by people with modest computer skills (the equivalent of the CompTIA A+ or Network+) with limited time available, and for all practical purposes, no funding.

I realize that under these circumstances an extremely high level of security is unobtainable and probably unnecessary in any event. What I hope to be able to do it to make the information on the LAN secure from the casual hacker and all but the most persistent attacks from those who might deliberately target our network.

Can you direct me toward any resources; particularly security definitions, security frameworks, or security policies that you think might assist me? I have done the usual Google searches and come up with an overwhelming list of web sites but I was wondering if you knew of anything that specifically addressed my problem.

Thank you for your assistance,

Mark Goodridge

Relevant Pages

  • Re: No Shut Down or Restart for Domain Admins
    ... run rsop.msc from your DC and check which policy is responsible to this. ... I have created a group policy in a development network and imported it ... NT AUTHORITY\Authenticated Users Read (from Security Filtering) No ... Enforce user logon restrictions Enabled ...
    (microsoft.public.windows.server.active_directory)
  • Fwd: Oh Dear, Where to start?!
    ... It seems to me you need two things: an organizational policy, ... finish college and break into the real world of computer security. ... experience in the field of network security and policy ... updates, driver updates, and recommended updates. ...
    (Security-Basics)
  • Re: Oh Dear, Where to start?!
    ... > from some of you with appropriate experience in the field of network ... > main focus and priority has been computer security and policy development. ... install certain updates. ...
    (Security-Basics)
  • RE: Mass Distribution of Security Policies
    ... It could start with a Network usage agreement, (Advisory Policy) to all ... Mass Distribution of Security Policies ...
    (Security-Basics)
  • SecurityFocus Microsoft Newsletter #50
    ... Subject: SecurityFocus Microsoft Newsletter #50 ... Specialist in Microsoft's Security Services Partner Program, ... Network Monitoring for Intrusion Detection ... Relevant URL: ...
    (Focus-Microsoft)