Writing Information Security Policies (撰寫資訊安全政策)
Scott Barman
- 出版商: New Riders
- 出版日期: 2001-11-12
- 定價: $1,100
- 售價: 5.0 折 $550
- 語言: 英文
- 頁數: 240
- 裝訂: Paperback
- ISBN: 157870264X
- ISBN-13: 9781578702640
-
相關分類:
資訊安全
立即出貨(限量) (庫存=2)
買這商品的人也買了...
-
$1,710$1,625 -
$920$727 -
$490$417 -
$450$360 -
$880$695 -
$450$351 -
$620$527 -
$780$741 -
$580$458 -
$590$466 -
$280$221 -
$750$585 -
$620$527 -
$680$537 -
$480$374 -
$690$538 -
$720$562 -
$780$616 -
$720$569 -
$560$476 -
$520$406 -
$380$300 -
$750$593 -
$1,270$1,207 -
$450$351
相關主題
商品描述
Administrators, more technically savvy than their managers, have started to
secure the networks in a way they see as appropriate. When management catches up
to the notion that security is important, system administrators have already
altered the goals and business practices. Although they may be grateful to these
people for keeping the network secure, their efforts do not account for all
assets and business requirementsFinally, someone decides it is time to write a
security policy. Management is told of the necessity of the policy document, and
they support its development. A manager or administrator is assigned to the task
and told to come up with something, and fast!Once security policies are written,
they must be treated as living documents. As technology and business
requirements change, the policy must be updated to reflect the new
environment--at least one review per year. Additionally, policies must include
provisions for security awareness and enforcement while not impeding corporate
goals. This book serves as a guide to writing and maintaining these
all-important security policies.
Table of Contents
I. STARTING THE POLICY PROCESS.
2. Determining Your Policy Needs.
3. Information Security Responsibilities.
II. WRITING THE SECURITY POLICIES.
5. Authentication and Network Security.
6. Internet Security Policies.
7. Email Security Policies.
8. Viruses, Worms, and Trojan Horses.
9. Encryption.
10. Software Development Policies.
III. MAINTAINONG THE POLICIES.
12. Compliance and Enforcement.
13. The Policy Review Process.
IV. APPENDIXES.
Appendix B. Resources.
Appendix C. Sample Policies.
Index.
商品描述(中文翻譯)
管理者比他們的經理更具技術能力,已經開始以他們認為合適的方式保護網絡。當管理層意識到安全的重要性時,系統管理員已經改變了目標和業務實踐。儘管他們可能對這些人保持網絡安全感到感激,但他們的努力並不能涵蓋所有資產和業務需求。最後,有人決定是時候撰寫一份安全政策了。管理層被告知政策文件的必要性,並支持其制定。一位經理或管理員被指派負責這項任務,並被告知要快速完成!一旦撰寫了安全政策,它們必須被視為活的文件。隨著技術和業務需求的變化,政策必須更新以反映新的環境-至少每年進行一次審查。此外,政策必須包括安全意識和執行的規定,同時不妨礙企業目標。本書作為撰寫和維護這些至關重要的安全政策的指南。
目錄
I. 開始政策過程。
2. 確定您的政策需求。
3. 信息安全責任。
II. 撰寫安全政策。
5. 認證和網絡安全。
6. 互聯網安全政策。
7. 電子郵件安全政策。
8. 病毒、蠕蟲和特洛伊木馬。
9. 加密。
10. 軟件開發政策。