IT Infrastructure Security Policies

Satisfactory Essays
IT Infrastructure Security Policies Defining policies for every domain of an IT infrastructure breaks down in depth how each entity should be properly used. The policies should also identify the key players that will play a key role in ensuring optimum use of all devices, as well as establishing and maintaining security throughout the process of information traveling through the Infrastructure. Here are some best practices to keep in mind when defining policies for a few of the domains within the infrastructure:
Workstation Domain
Who: End Users, IT Staff
What: Physical and Logical Security
When: Physical security is important before and after it is accessed by authorized personnel, and Logical security is important during end-user use of a workstation
Why: Physical security must be maintained, because no matter what logical measures are taken, if an unauthorized person is able to gain hands-on access directly to a workstation, they can wreak havoc on the organization’s systems. Since we never know who may be around, it is equally as important to lock or logout of a workstation when leaving the desk, and never leave passwords near it. IT Staff needs to ensure all systems have the appropriate software for both day-to-day operations, as well as workstation security are installed to prevent the need to download more additional software, and prevent malware from being loaded into the system.
WAN Domain
Who: Any personnel needing a connection to the Internet, IS department, Management
What: Connections outside the local area (LAN)
When: Before connecting to the Internet, and while using the Internet
Why: Management should define the policies for the reason to use the Internet, how to use the Internet, responsibilities of the person online, and consequences for in appropriate use. This will allow the IS department to take measures to ensure security over the Web, while still allowing for successful business to be conducted.
Remote Access Domain
Who: Remote access

You May Also Find These Documents Helpful

  • Good Essays

    technology, threats also rise with them as well. Having the ability to keep a network up and running to its maximum ability is not only a job, it’s a business that has responsibility. Having infrastructure security is vital in order to ensure the integrity and stability of the network for Layer 1. Infrastructure Physical Media Layer 1 is the physical layer of a network according to the OSI model. Electricity in this layer is the most fundamental because all of the networking equipment, devices…

    • 974 Words
    • 4 Pages
    Good Essays
  • Good Essays

    Poor Infrastructure Security Model Definition In evaluating Figure 5.4, Example of an archetypal credible as an adjustment diagram. An arrangement accent access to account on abstract's management. (From Hughes, M. 2006. Journal of Account Studies a brace of (1): 76–90. It’s incredible how important bendability of aegis roles, processes and definitions of address and achievement are beyond an enterprise. The absorbed of this assay is to aftermath a blueprint of roles, address or performs; abstracts…

    • 502 Words
    • 3 Pages
    Good Essays
  • Good Essays

    Security Policy

    • 966 Words
    • 4 Pages

    Law and Policy Case Stud Project: Law and Policy Case Study Date: 4/9/2013 Policies define a set of rules and procedures that all employees must abide by. It exist, first and foremost, to inform employees of what is and is not acceptable behavior in the organization. Information security is there to make sure that all of the organization's data are safe and secure against attacks. It sets up protocols to follow in order to achieve maximum data integrity, availability, and confidentiality…

    • 966 Words
    • 4 Pages
    Good Essays
  • Powerful Essays

    SAMPLE Security Policy

    • 3395 Words
    • 13 Pages

    performance through automation and technological innovation has propelled the company into the big leagues; GDI was only recently profiled in Fortune Magazine. The GDI security policy displays the company stand on the value and importance of GDI information infrastructure, and states that internally and externally that infrastructure is an asset, the property of the GDI, and is to be protected from unauthorized access, modification, disclosure, and destruction. (SANS, 2007) GDI is committed to protecting…

    • 3395 Words
    • 13 Pages
    Powerful Essays
  • Satisfactory Essays

    Wireless Security Policy

    • 462 Words
    • 2 Pages

    Wireless security policy for a medium-sized banking organization using the following structure: Wireless Security Policy - A wireless policy for a medium-sized banking organization will needed to deploy a wireless LAN to the network and there will not need an onsite IT. The remote can be manage by a standalone intelligent access point which will integrated the wireless LAN by streamline the configuration and management the system. The Network infrastructure wills us a Cisco system for Layer 2 and…

    • 462 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    SECURITY POLICY PAPER

    • 2529 Words
    • 8 Pages

    Global Distribution Inc. Security Policy CMIT 320 Abstract This report includes a brief security risk assessment of the Global Distribution Inc. Information Technology systems. This report discusses the current state of IT security risk within the organization relative to network security, areas of vulnerability and security assessments that must be addressed if the company is…

    • 2529 Words
    • 8 Pages
    Powerful Essays
  • Powerful Essays

    Security Policy Framework

    • 2433 Words
    • 10 Pages

    Information Security Policy Framework Information Security Policy Framework Information Security Policy Framework For the healthcare industry it is important to have an Information Security Policy Framework within the organization to protect information that is accessed across the network by staff personnel and patients. In accordance with ISO/IEC 27799:2008, we begin to define the guidelines to support the interpretation and implementation…

    • 2433 Words
    • 10 Pages
    Powerful Essays
  • Powerful Essays

    Security Awareness Policy

    • 1733 Words
    • 3 Pages

    Security Awareness Policy (statement 1) The Information Security (IS) team is responsible for promoting on­going security awareness to all information system users. A Security Awareness program must exist to establish formal methods by which secure practices are communicated throughout the corporation. Security guidance must exist in the form of formal written policies and procedures that define the principles of secure information system use and the responsibility of users to follow them…

    • 1733 Words
    • 3 Pages
    Powerful Essays
  • Best Essays

    Information Security Policy

    • 3396 Words
    • 14 Pages

    Appendix B INFORMATION SECURITY POLICY Table of Contents 1. Executive Summary 1 2. Introduction 2 3. Disaster Recovery Plan 5 3.1. Key elements of the Disaster Recovery Plan 5 3.2. Disaster Recovery Test Plan 6 4. Physical Security Policy 8 4.1. Security of the facilities 8 4.1.1. Physical entry controls 8 4.1.2. Security offices, rooms and facilities 8 4.1.3. Isolated delivery and loading areas 9 4.2. Security of the information systems 9 4.2.1. Workplace protection 9 4.2.2. Unused…

    • 3396 Words
    • 14 Pages
    Best Essays
  • Powerful Essays

    Organization security policy Praveen Reddy, Polam Wilmington University Table of Contents Abstract…………………………………………………………………………………………...Error: Reference source not found Introduction………………………………………………………………………………………3 Implementing security policy……………………………………………………………………..Error: Reference source not found Importance of security policy……………………………………………………………………..Error: Reference source not found Conclusion………………………………………………………………………………………...Error: Reference source not found References…………………………………………………………………………………………7…

    • 1134 Words
    • 3 Pages
    Powerful Essays