[Pauldotcom] IT Security Policy

[Rob Fuller]

Microsoft has numerous "Best Practices" papers and worksheets. You can
also start with the DoD policies, but you'll probably die of old age
before you even get done reading them.

The problem with all of the current policies that you can probably
find by DoD / SANS / Microsoft is they don't conform to your SMB
(Small to medium biz). Best I can recommend is shooting the guys at
SMB Minute an email and asking them. They are a podcast that focuses
on security in SMBs.

Hope this helps.


--
Rob Fuller | Mubix
Room362.com | Hak5.org | TheAcademyPro.com
Ignore this:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*




On Wed, Apr 14, 2010 at 12:12 PM, Craig Freyman <craigfreyman at gmail.com> wrote:
> I have to write a security policy for our company. We are a mall shop, and
> the "policy" that is in place is a mess. Are there any specific templates
> the group recommends?
> I see that SANS has a number of very specific policies but was wondering if
> there was an overall template that people find effective.
> Thanks,
> Craig
>
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>