Sample Security Policy?

[xrsolis at gmail.com (Xander Solis)]

David,

Found this in the SANS reading room:

http://www.sans.org/reading_room/whitepapers/policyissues/technical_writing_for_it_security_policies_in_five_easy_steps_492?show=492.php&cat=policyissues



On Sat, Oct 3, 2009 at 11:24 AM, David A. Gershman <
dagershman_dgt at dagertech.net> wrote:

> Hi All,
>
> I have a 'demo' network made up of HW from different vendors.  Each
> vendor wants to VPN in to their equipment.  All the equipment (which has
> pretty much no security) is linked together by a switch (which also has
> pretty much no security...not my doing).
>
> I want to draft a security policy for the vendors to sign prior to
> connection releasing 'my employer' from liability should one vendor's
> VPN client get infected as a result of another vendor's VPN client.
> (i.e. using the demo network as a bridge)
>
> Anyone know where I can find sample security policies (hopefully not 10s
> of pages long) which may include such type clauses (releasing all
> liability)?
>
> Thanks.
>
> ----------------------------------------
> David A. Gershman
> gershman at dagertech.net
> http://dagertech.net/gershman/
> "It's all about the path!" --d. gershman
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091004/8309d124/attachment.htm