Good afternoon everyone... First, I want to thank all of you who contributed to my inquiry about VMWare versus Dual boot... laptop versus desktop for Nessus. All of your information was helpful and I sincerely thank you.
I shared this with Sara already, but if you want to spend some money on a nice book/CD set... with a ton of great sample policies and a well thought out approach to putting policies and procedures together check out this book: Information Security Policies Made Easy by Charles Cresson. http://www.baselinesoft.com/ispme.html I completed this project about a year ago and found it to be extremely helpful. The most interesting part of putting together P & P was differentiating between user, tech and admin. These days I am deciding whether I need separate and specific policies for the techs... and admins. Any thoughts on this? If you are recommending I do so... what resources do you recommend that address this specifically? Thanks again. Eric >>> <[EMAIL PROTECTED]> Tuesday, March 26, 2002 11:38:34 PM >>> If you have the $$$'s: http://www.information-security-policies-and-standards.com/download.htm To: [EMAIL PROTECTED] cc: [EMAIL PROTECTED], [EMAIL PROTECTED] (bcc: Nicholas McKenzie) Date: 26/03/2002 02:57 From: [EMAIL PROTECTED] Subject: Re: help w/ security policies! Not all that long ago I was in a similar position at a previous employer. I found a good resource in a book called "e-policy: How to Develop Computer, E-mail, and Internet Guidelines to Protect Your Company and its Assets" by Michael R. Overly. It has guidelines and suggestions for creating a policy including those nagging HR law considerations and includes some samples that are drawn from policies in use in the real world. Cover price is $20 US ISBN 0-8144-7996-0 -WTB >snip< > > >I too searched in vain for a sample information security policy. >But I can give you some tip based on my expereince, > >This is my view of how an information security policy will look like. > >snip< > > >On Fri, 22 Mar 2002, Nil Fiat wrote: >--- snipped --- >> So hey, yesterday I got handed one of the coolest projects of my >> life: I get to write a security policy! Have I done this >> before? Hell no...but I'm sure I can, especially if you lovely >> peeps and gurus out there will point me to some resources. >> >> Peace & Packets, >> Sara T > *******************Internet Email Confidentiality Footer******************* Privileged/Confidential Information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply email. Please advise immediately if you or your employer does not consent to Internet email for messages of this kind. Opinions, conclusions and other information in this message that do not relate to the official business of my firm shall be understood as neither given nor endorsed by it.
