PaulDotCom mailing list archives
Re: Security Starts With Policies
From: alec <alec () atomd com>
Date: Tue, 01 Mar 2011 11:19:57 -0500
Try SANS for modular templates: http://www.sans.org/security-resources/policies/As we used to say in the desktop publishing world: a good design often starts with copying someone else's good design.
-Alec On 03/01/2011 09:08 AM, Michael Lubinski wrote:
I realize this is a huge question and most of the times unanswerable. Building a policy structure for a company, then implementing it from the ground up, is a huge undertaking and has me a bit overwhelmed. Bit by bit I guess. On Tue, Mar 1, 2011 at 7:53 AM, Chesmore, Michael [DAS] <Michael.Chesmore () iowa gov <mailto:Michael.Chesmore () iowa gov>> wrote: Wow, huge question…. Not sure that this will be all that helpful but there is a pretty good book on Security Metrics called “Security Metrics, Replacing Fear, Uncertainty and Doubt” by Andrew Jaquith I like the ideas in it but liking ideas and implementing them are worlds apart sometimes. Mike *From:*pauldotcom-bounces () mail pauldotcom com <mailto:pauldotcom-bounces () mail pauldotcom com> [mailto:pauldotcom-bounces () mail pauldotcom com <mailto:pauldotcom-bounces () mail pauldotcom com>] *On Behalf Of *Michael Lubinski *Sent:* Monday, February 28, 2011 2:10 PM *To:* Pauldotcom () mail pauldotcom com <mailto:Pauldotcom () mail pauldotcom com> *Subject:* [Pauldotcom] Security Starts With Policies As it stands many think that security starts with solid policies and procedures. Every good policy and procedure will have a scope. I am in the midst of taking an organization and applying some best practices with some audit requirements. How do you scope a project that is based on best practices and encompasses everything from servers, routers, switches, firewalls, and unused network drops? _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com <mailto:Pauldotcom () mail pauldotcom com> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- Alec Brecher AtomD LLC office: 802 244-4099 mobile: 802 233-1522 skype: AlecAtAtomD http://atomd.com _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Security Starts With Policies Michael Lubinski (Feb 28)
- Re: Security Starts With Policies Chesmore, Michael [DAS] (Mar 01)
- Re: Security Starts With Policies Michael Lubinski (Mar 01)
- Re: Security Starts With Policies alec (Mar 01)
- Re: Security Starts With Policies Michael Lubinski (Mar 01)
- Re: Security Starts With Policies Sherwyn (Mar 01)
- Re: Security Starts With Policies Chris Keladis (Mar 01)
- Re: Security Starts With Policies Michael Lubinski (Mar 03)
- Re: Security Starts With Policies Chesmore, Michael [DAS] (Mar 01)