security policy
Home > Security Definitions - Security policy
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

security policy

Show me everything on Information Security Policies, Procedures and Guidelines

DEFINITION - In business, a security policy is a document that states in writing how a company plans to protect the company's physical and information technology (IT) assets. A security policy is often considered to be a "living document", meaning that the document is never finished, but is continuously updated as technology and employee requirements change. A company's security policy may include an acceptable use policy, a description of how the company plans to educate its employees about protecting the company's assets, an explanation of how security measurements will be carried out and enforced, and a procedure for evaluating the effectiveness of the security policy to ensure that necessary corrections will be made.

Learn more about Information Security Policies, Procedures and Guidelines
Essential guide: Pandemic planning for H1N1: Discover how to prepare for a possible swine flu outbreak so your business can continue to operate smoothly and securely.
Quiz: Mitigating Web 2.0 threats: Take this five-question quiz to test your knowledge of social networking sites, software-as-a-service and common Web attacks and threats.
Fact or fiction: Don't forget about your intellectual prop: By creating a data protection plan, security professionals are able to ensure valuable data remains under control and make more effective use of the assets within a company. Check out the expert ...
Security rules to live by: Compliance with laws and regulations: An excerpt of Chapter 3: Security Rules to Live By, from David J. Lineman's Information Protection Made Easy.
Special considerations for network-based access control: An excerpt from Chapter 13: Access Control of Information Security: Design, Implementation, Measurement, and Compliance, by Timothy P. Layton.

LAST UPDATED: 29 May 2007

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- This white paper from Security Focus explains why security policies often fail.
- Sans.org answers the question "What do I put in a security policy"?





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
Balancing security, business case for consumer products in enterprise
Security managers looking to curb their network risks struggle with employees' desire to use consumer-oriented devices and services like smartphones,...
Schneier-Ranum face-off part 6: Audience questions
Wrapping up their face-off at ISD 09, Bruce Schneier and Marcus Ranum take questions from the audience on everything from strategies for protecting...
Editor's Desk: Apathy and the Cybersecurity Coordinator
Six months since President Obama announced he would appoint a cybersecurity coordinator, the position sits vacant. Do you care?

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
defense in depth  (SearchSecurity.com)
Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise......
non-disclosure agreement  (SearchSecurity.com)




Get More security policy Answers