Network Security Policy/AUP
Results 1 to 7 of 7

Thread: Network Security Policy/AUP

  1. #1
    Senior Member
    Join Date
    Sep 2001
    Posts
    150

    Network Security Policy/AUP

    I'm going to be doing some cosulting work for outside companies and will be evaluating exisitng NSP documents, as well as helping them update them or create them from scratch if need be.

    I've written one in the past for my old job, and am trying to get a friend to find it and email it to me, but I'm sure it wasn't anywhere near comprehensive.

    Does anyone have a company security policy and/or AUP that they'd be willing to share with me? I'm just looking for a bunch of generic stuff that I can combine into something relatively comprehensive for clients.

    For security reasons, If you would happen to post, or email me a copy...please make sure to find(replace) your company name and replace it with something generic. I don't want to know the names of the places you work or any crucial info like that...just some text on how your IT staff prepares security, password options, physical security, etc.

    If any of you have one to share, pleae post or PM me if you'd like to email.

    Thanks a million.

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    When I was a sysadmin we were never organised enough to get an AUP up. Anyway, if you're looking for where to start, have a look at some ISP's AUPs, for instance, BT's here

    http://www.abuse-guidance.com/

    Slarty

  3. #3
    Junior Member
    Join Date
    Apr 2003
    Posts
    5
    Try searching on www.sans.org
    You'll find templates for several infosec policies, including AUP.

  4. #4
    Senior Member
    Join Date
    Sep 2001
    Posts
    1,027
    Thanx for the pointer naukrup. Exact url of that reference would be
    http://www.sans.org/resources/policies/#template

    This is an intersting/refreshing(!) topic. I myself wanted to (read "should have already"!) write a set of policies but haven't found time nor would have known where to start...

    Ammo
    Credit travels up, blame travels down -- The Boss

  5. #5
    Senior Member
    Join Date
    Sep 2001
    Posts
    150
    Thanks guys for the links.

    I've been to a couple hundred different sites and downloaded some AUP's and NSP's, but none of them seem quite as robust as I was looking for. Most of them were colleges and are at most about 2 pages.

    I've looked at the templates as well, but many of them seem very generic (as templates should be). I'm looking for something that is in place and 'seems to work well.'

    I wish I could get my old one from the other company, but it seems it may have been deleted (as security doesn't seem to be a priority out there after I left).

    Ammo: I've downloaded quite a bit, and am in the process of writing a bunch of crap up. If you ever get around to it, post some stuff up for those of us wanting to do it (again).

  6. #6
    Senior Member
    Join Date
    Apr 2003
    Posts
    147
    there was an excellent 3 or 4 part guide on securityfocus.com a while back, I'll see if I can get the link in a little while. It was a great guide to creating a well thought out security policy. Just a great read if I remember correctly.

  7. #7
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    jezter6, I PM'ed you a copy of the policy I have in place at my company. I am not sure if it's what you looking for, but have a look, if you can use any or all of it, be my guest.


    Cheers:
    DjM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •