Network Security Policy Necessary to Protect Systems and Data
This article from IT Manager's Journal provides policy guidelines that every organization should have to to establish how internal and external users will interact with a company's computer network, stating:
"To create a good site policy for computer security, you need to do two things: determine your company's expectations of proper computer and network use, and define the procedures to prevent and respond to security incidents.
To this end, you, working with your policy committee, need also to consider and to agree upon the following:
The organization's goals and direction. A university with building spread across a large campus will have different security concerns than a corporation in an office park.
The site security policy has to conform to existing policies, rules, regulations, and laws the organization must adhere to. You'll, therefore, have to identify and consider these things while you develop the policy.
If your network extends outside your facility, you'll have to consider security on perhaps a global scale. The policy should address local security issues caused by a remote site, as well remote system security issued caused by a local host or user."