Need help in preparing security policy from scratch!

TechmaniaTechmania Registered Users Posts: 5 ■■■□□□□□□□
[COLOR=rgba(0, 0, 0, 0.701961)][FONT=&quot]Dear All, [/FONT][/COLOR]

[COLOR=rgba(0, 0, 0, 0.701961)][FONT=&quot]I am in the process of creating security policy for databases from scratch. Currently I am referring to templates available through SANS website but looking for something better as well. There are lot of similar work items lined up for me this year so looking for places I can find security templates.[/FONT][/COLOR]
[COLOR=rgba(0, 0, 0, 0.701961)][FONT=&quot]Seeking your help and guidance on the same. Thanks in advance![/FONT][/COLOR]

Comments

  • TacoRocketTacoRocket Member Posts: 497 ■■■■□□□□□□
    Not to be rude, but you want our help doing your work? We started from scratch or used templates for inspiration. Not much else there is to it.

    Experience helps. As does incidents.
    These articles and posts are my own opinion and do not reflect the view of my employer.

    Website gave me error for signature, check out what I've done here: https://pwningroot.com/
  • jamthatjamthat Member Posts: 304 ■■■□□□□□□□
    SANS is a good place to start (although most examples are quite a bit old), but that's all I used to get started when I was doing heavy policy development for a security program and it helped out.

    These types of things aren't one size fits all, so multiple examples may not help much. Among many other things, these policies you're developing will be heavily dependent on what regulations your company is subject to and the environment overall.
  • tedjamestedjames Member Posts: 1,179 ■■■■■■■■□□
    Do a Google search on information security policy templates. Sometimes government agencies and universities actually post their templates and completed policies online.
  • RepliconReplicon Member Posts: 124 ■■■□□□□□□□
    start we SANS and then do google search for publicly accessible policies, read through them to get ideas.
  • soccarplayer29soccarplayer29 Member Posts: 230 ■■■□□□□□□□
    Check out Center For Internet Security (CIS) benchmarks they can be a great resource and have hardening guides (benchmarks) for various databases, operating systems, etc.
    Certs: CISSP, CISA, PMP
Sign In or Register to comment.