Re-Quiz : Developing Your Security Policy (Chapter 2)

New security threats pop-up.

Database are created and destroyed.

People come and go.

A security policy is a static document because the

network itself is never evolving.

Identify information that should be restricted.

Identify the level of security for your organization.

What are your risks from inappropriate use?

Keep staff informed about security policy.

Identity and Access

Management (IAM)

Microsoft Security Compliance

Toolkit

Firewall

Data Loss Prevention (DLP)

McAfee ePolicy Orchestrator

Learn from others.

Uninstall the tool that you need.

Include staff in policy development.

Train your employees.

Security Policy

Counter Measures

Policy Vulnerabilities

Standardize Software

Notifies Authority

Secure Human Resource (HR) system

Launch Backup

Identify vulnerabilities

Involve staff and administrator.

Involve security policy.

Involve hardware and data.

Involve software and data.

Staff will getting bored with the rules.

Network with haphazard compliance is almost as

bad as no policy at all.

It will exposed to a threat.

Too much security can be as bad as too little.

Ransomware

Security Threat

Vulnerabilities

Malware