Network policies are set of conditions, constraints, and settings that allows us to designate who is authorized to connect to the network and the circumstances under which they can or cannot connect.
A network security policy is a generic document that outlines rules for computer network access, determeines how policies are enforced and lays out some of the basic architecture of the company security/ network security environment. The document itself is usually several pages long and written by committee. It is a very complex document, meant to govern data access, web-browsing habits, use of passwords and encryption, email attachments etc. It specifies these rules for individuals or groups of individuals throughout the company.
Security policies of a company should be such that it will be help keep the malicious users out and exert control over potential risky users within the organization. The security policy should suggesr a hierarchy of access permissions, granting users or group of users access only to what is necessary for the completion of their work. The committe responsible for waiting the network policy should understand what information and services should be available to which users, what the potential is for damage and whether any protection is already in place to prevent misuse.
The policies could be expressed as a set of instructions that would be understood by special purpose network hardware dedicated for securing the network.
No comments:
Post a Comment