security policy
Home > Security Definitions - Security policy
SearchSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

security policy

Show me everything on Information Security Policies, Procedures and Guidelines

DEFINITION - In business, a security policy is a document that states in writing how a company plans to protect the company's physical and information technology (IT) assets. A security policy is often considered to be a "living document", meaning that the document is never finished, but is continuously updated as technology and employee requirements change. A company's security policy may include an acceptable use policy, a description of how the company plans to educate its employees about protecting the company's assets, an explanation of how security measurements will be carried out and enforced, and a procedure for evaluating the effectiveness of the security policy to ensure that necessary corrections will be made.

Learn more about Information Security Policies, Procedures and Guidelines
Essential guide: Pandemic planning for H1N1: Discover how to prepare for a possible swine flu outbreak so your business can continue to operate smoothly and securely.
Quiz: Mitigating Web 2.0 threats: Take this five-question quiz to test your knowledge of social networking sites, software-as-a-service and common Web attacks and threats.
Security rules to live by: Compliance with laws and regulations: An excerpt of Chapter 3: Security Rules to Live By, from David J. Lineman's Information Protection Made Easy.
Special considerations for network-based access control: An excerpt from Chapter 13: Access Control of Information Security: Design, Implementation, Measurement, and Compliance, by Timothy P. Layton.
Risk management: Implementation of baseline controls: This fourth article in the Insider Threat Management Guide examines the implementation of baseline controls.

LAST UPDATED: 29 May 2007

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- This white paper from Security Focus explains why security policies often fail.
- Sans.org answers the question "What do I put in a security policy"?





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
How to protect distributed information flows
In an excerpt from "The Shortcut Guide to Prioritizing Security Spending," author Dan Sullivan explains how to get a handle on enterprise data that...
Essential guide: Pandemic planning for H1N1
Discover how to prepare for a possible swine flu outbreak so your business can continue to operate smoothly and securely.
Whitelists, SaaS modify traditional security, tackle flaws
It is time for IT professionals to transform security into a capability that is as dynamic as the attack landscape, says security expert Eric Ogren of...

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
defense in depth  (SearchSecurity.com)
Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise......
non-disclosure agreement  (SearchSecurity.com)




Get More security policy Answers