A method for the development of a comprehensive network security policy is known as the security policy development life cycle (SPDLC).
Network Security
nA successful network security implementation requires a marriage of technology and process.
nRoles and responsibilities and corporate standards for business processes and acceptable network-related behavior must be clearly defined, effectively shared, universally understood, and vigorously enforced for implemented network security technology to be effective.
nProcess definition and setting of corporate security standards must precede technology evaluation and implementation.
Security vs. Productivity Balance
nThe optimal balance point that is sought is the proper amount of implemented security process and technology that will adequately protect corporate information resources while optimizing user productivity.
Assets, Risks, Protection
nmultiple protective measures may need to be established between given threat/asset combinations
Protective Measures
nThe major categories of potential protective measures are:
nVirus protection
nFirewalls
nAuthentication
nEncryption
nIntrusion detection
0 komentar:
Posting Komentar