David, Found this in the SANS reading room:
http://www.sans.org/reading_room/whitepapers/policyissues/technical_writing_for_it_security_policies_in_five_easy_steps_492?show=492.php&cat=policyissues On Sat, Oct 3, 2009 at 11:24 AM, David A. Gershman < [email protected]> wrote: > > Hi All, > > I have a 'demo' network made up of HW from different vendors. Each > vendor wants to VPN in to their equipment. All the equipment (which has > pretty much no security) is linked together by a switch (which also has > pretty much no security...not my doing). > > I want to draft a security policy for the vendors to sign prior to > connection releasing 'my employer' from liability should one vendor's > VPN client get infected as a result of another vendor's VPN client. > (i.e. using the demo network as a bridge) > > Anyone know where I can find sample security policies (hopefully not 10s > of pages long) which may include such type clauses (releasing all > liability)? > > Thanks. > > ---------------------------------------- > David A. Gershman > [email protected] > http://dagertech.net/gershman/ > "It's all about the path!" --d. gershman > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
