Policy guidelines
Policy guidelines When writing your security policy, it is very
important to provide as much detail as possible. The guideline is simple,
“be as specific as possible” and try not to leave any room for interpretation.
A security policy is designed to be a method of protection.
For example, when you describe your hardware and software configuration,
include as much detail as you possibly can about each mobile
device that will access your WLAN. You should include the device configuration,
unique wireless MAC address, and specific login credentials
that let you know exactly what type of device you are communicating
with. The idea is to maintain as much knowledge as possible about the
devices on your network. If someone tries to spoof a device, you have a
reference point that more quickly allows you to determine discrepancies
in the connection that would indicate a hacker trying to breach your network
safeguards with an unauthorized device.
You can also use your security policy to immediately block out the
connection parameters from a mobile device when it has been stolen or
its login information has been compromised. Employees need to have a
clearly defined procedure that allows them to report the loss of any wireless
workstation or PDA as well as any security breach where its information
may have been compromised.
The security policy also dictates connection safeguards that involve
the use of encryption as well as other security safeguard software meant
to protect your network against possible breaches.
Timing is also an important element to specify within your policy
guidelines with respect to how often and comprehensively your organization
will perform a security vulnerability assessment. It is important to understand that there is no such thing as 100 percent security, and
the fact that devices, drivers, and software change all the time contributes
to the weakening in your security. New vulnerabilities are
found almost every day in computer operating systems, hardware, and
network connectivity. It is very important that you have a schedule of
ongoing security vulnerability assessments and continually scan and
monitor your computer systems for ways in which hackers can compromise
your network. Information is power, and that power translates into
your ability to plug any security holes before a hacker finds them and
uses them against you.
135 times read
|
|
|
Did you enjoy this article?
(total 0 votes)
|
Sections
Comments (0 posted)
Syndication
