Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Security Policy for a small business

Posted on 2016-09-01
2
Medium Priority
?
121 Views
Last Modified: 2016-09-01
I am looking for a security policy for a small business to use for their employees.
Are there any good templates to start from?
0
Comment
Question by:ie0
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 30

Accepted Solution

by:
Rich Weissler earned 2000 total points
ID: 41779823
"Security Policy" covers a lot of ground.  I can suggest looking over the SANS Security Policy template library though.
0
 
LVL 64

Expert Comment

by:btan
ID: 41780024
I suggest your policy follows the ISO 27001 headings such as these but it may be quite non-trivial to cover all quickly - esp if you intend to make it simpler at the first place (for small set)
http://www.27001-online.com/secpols.htm

Otherwise, go specific for a "scoped" policies in area of main concern. Here is one comprehensive coverage of samples and toolkit for the various IT & cyber security scope
https://www.dmoz.org/Computers/Security/Policy/Sample_Policies/

Additional supplementary alternatives include
-Clean desk policy
-Computer and e-mail acceptable use policy
-Internet acceptable use policy
-Password protection policy
-Social media and blogging policies
-Personnel access/changes policy
http://www.csoonline.com/article/3019126/security/security-policy-samples-templates-and-tools.html

If you wanted a more clean cut to have small win or glimpse to poll the stakeholders, you may check out the attached (though can be quite old). It give some sensing on coverage and simple straight to the point mandates
NHS-CFH_Corporate-InfoSec-Policy-Tem.doc
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
Check out what's been happening in the Experts Exchange community.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question