Security Basics mailing list archives

RE: Building a Company Computer Use/Security Policy

From: "James McGee" <james () infosec co im>
Date: Wed, 19 Jan 2005 18:14:32 -0000

There is a very good checklist for 7799 on SANS, which is basically the
standard...

Or, try COBIT, some useful stuff there too 

-----Original Message-----
From: Danux [mailto:danuxx () gmail com] 
Sent: 19 January 2005 00:09
To: security-basics () securityfocus com
Subject: Re: Building a Company Computer Use/Security Policy

Hi list, you know, im trying to implement some kind of security issues on my
network but i would like to consult BS7799 or ISO17799 but as you know we
have to pay for it.
So... Do you know where can i download a versión of these documents without
paying? No matter if they are older version, you know is only for
educational purposes.

Thankxs

On Tue, 18 Jan 2005 13:58:00 -0200, Daniel Marques <dancmarques () gmail com>
wrote:

Samuel,

The Sams Reading Room (sans.org/rr) has a lot of good stuff. I have a 
very nice article here, but it's in portuguese.

I can translate and send it, if you want to...

-- Daniel

On Mon, 17 Jan 2005 13:31:32 -0500, Glenn Sieb <ges () wingfoot org> wrote:

Samuel S. Kempf said the following on 1/16/2005 7:33 PM:

I've recently taken over the position of I.T. Director for a 
mid-sized company that has no IT policy of any sort currently in 
place, aside from a vague mention in the no compete agreement 
about not giving proprietary data to other companies. One of my 
prime initiatives at the moment is to implement such a policy, 
something I've never been responsible for before. Can anyone point 
me to sites/articles on how to do this? Or, better yet, does 
anyone know of such a policy available online that I could use as 
a basis for my company? Any suggestions are most welcome.


Might I suggest a copy of Tom Limconcelli & Christine Hogan's <A 
HREF="http://www.amazon.com/exec/obidos/asin/0201702711/wingfoot-20";
TARGET="_blank">The Practice of System and Network 
Administration</A>--he covers creating security policies and such.

It's an amazing reference book--it's been on my shelf since it was 
published! :)

Best,
--Glenn

--
"They that can give up essential liberty to obtain a little 
temporary safety deserve neither liberty nor safety."
         ~Benjamin Franklin, Historical Review of Pennsylvania, 1759



--
Danux

Current thread:

Building a Company Computer Use/Security Policy Samuel S. Kempf (Jan 17)
- RE: Building a Company Computer Use/Security Policy dave kleiman (Jan 17)
- Re: Building a Company Computer Use/Security Policy Glenn Sieb (Jan 17)
  - Re: Building a Company Computer Use/Security Policy Daniel Marques (Jan 19)
    - Re: Building a Company Computer Use/Security Policy Danux (Jan 19)
    - RE: Building a Company Computer Use/Security Policy James McGee (Jan 19)
    - Re: Building a Company Computer Use/Security Policy Daniel Marques (Jan 24)
- Re: Building a Company Computer Use/Security Policy ane tor (Jan 18)
- Re: Building a Company Computer Use/Security Policy dallas jordan (Jan 18)
- Re: Building a Company Computer Use/Security Policy Erik Norgaard (Jan 19)
- <Possible follow-ups>
- RE: Building a Company Computer Use/Security Policy Meidinger Chris (Jan 18)
- RE: Building a Company Computer Use/Security Policy Roger A. Grimes (Jan 19)
- Re: Building a Company Computer Use/Security Policy jayson . agagnier (Jan 19)