Security Policy
Hudson Business Networks understands the complexities within
an information environment. Our team of security experts can
guide organizations through the process of creating a security
policy that is right for their organization. We work with
organizations to help them define their security goals, objectives,
and philosophy.
Our engineers know the requirements needed to comply
with increasingly complex governmental regulations concerning
privacy and information security.
Additionally, we can help an organization with industry best
practices. This includes how other companies are dealing with
the same issues and how others in like industries are securing
their infrastructures.
Why do organizations need security policies?
Security policies are needed to manage, mitigate, and eliminate
risk to companies, organizations, institutions, and agencies.
Risks to organizations include criminal activity, civil liability,
regulatory compliance, employee misconduct, and equipment
failure.
What is a Security Policy?
A security policy is a document that contains management's
directives that define the role of security in an organization.
It determines how an organization will set up and administer
its security program. It dictates security goals and objectives,
assigns roles and responsibilities, defines the value of
the security program, and details how the security policy
will be implemented and enforced.
The role of a Security Policy in an organization
Security Policies protect an organization by managing risk,
reducing liability, communicating priorities, and exercising
"Due Care". "Due Care" refers to the reasonable
measures that a company takes to protect itself and to
prevent harm to others. Senior management is ultimately responsible
for the company's assets, information resources, managing
risk, and exercising "Due Care".
What is in a security policy?
A security policy must address some core components. Other
components are dependent on the organization's security objectives,
government regulatory compliance, existing policies, installed
infrastructure, risks to the organization, financial information,
privacy requirements, and vendor / supplier requirements.
© 2003 Hudson Business Networks