Educause Security Discussion mailing list archives
Re: Policy Recommendations
From: Joanna Grama <jgrama () EDUCAUSE EDU>
Date: Wed, 7 Feb 2018 17:28:03 +0000
Hi Justin, The HEISC Information Security Guide has a policy chapter and list of sample policies that might be useful to you. The policies chapter is here: https://spaces.internet2.edu/display/2014infosecurityguide/Security+Policies The list of sample policies is here: https://spaces.internet2.edu/display/2014infosecurityguide/Information+Security+Policy+Examples On the sample policies page, I think the sections on "AUPs," "Minimum Security Requirements for Network Devices," and "Networking" might be most useful. Kind regards, Joanna Joanna Grama, JD, CISSP, CRISC, CIPT Director of Cybersecurity and IT GRC Programs EDUCAUSE Uncommon Thinking for the Common Good 282 Century Place, Suite 5000, Louisville, CO 80027 direct: 720.406.6769 | jgrama () educause edu Become a Member- Everyone at your organization is an EDUCAUSE member when you join | Access discounts, resources, and valuable peer networks | Discover membership -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Justin Harwood Sent: Wednesday, February 7, 2018 12:11 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Policy Recommendations ?We are contemplating the need for a section in one of our policies that includes the topic of connecting network enabled devices (such as IoT, rogue AP's, etc) but not sure what guidelines we would want to provide. Does anyone have any policies that pertain to this specific topic that they could share with me? Justin Harwood Infrastructure Solutions Security Architect ITARS - Security Infrastructure Services Central Piedmont Community College Central Campus, Citizens 242 704-330-6141 www.cpcc.edu<http://www.cpcc.edu/> ________________________________ This e-mail, including any attachments, is intended only for the addressee's use and may contain confidential and proprietary information. If you are not the intended recipient, you are hereby notified that any retention, dissemination, reproduction, or use of the information contained in this e-mail is strictly prohibited. If you have received this e-mail by error, please delete it and immediately notify the sender. Thank you for your cooperation.
Current thread:
- Policy Recommendations Justin Harwood (Feb 07)
- Re: Policy Recommendations Joanna Grama (Feb 07)
- Re: Policy Recommendations Hart, Michael (Feb 07)
- Re: Policy Recommendations Ronald King (Feb 07)
- Re: Policy Recommendations randy (Feb 07)