SlideShare a Scribd company logo

Lecture 12 security policy

Tanveer Malik
Tanveer Malik

MCSE Lectures

Education
1 of 13
Download to read offline
Microsoft Certified Solutions Expert Lecture No.12 security Policy Copyrights By Tanveer Malik
Security Policy • In business, a security policy is a document that states in writing how a company plans to protect the company's physical and information technology (IT) assets. • A security policy is often considered to be a "living document", meaning that the document is never finished, but is continuously updated as technology and employee requirements change. Copyrights By Tanveer Malik
Security Policy • A company's security policy may include an acceptable use policy. • A description of how the company plans to educate its employees about protecting the company's assets. • An explanation of how security measurements will be carried out and enforced. Copyrights By Tanveer Malik
Security Policy • A procedure for evaluating the effectiveness of the security policy to ensure that necessary corrections will be made. • A Security policy is a definition of what it means to be secure for a system, organization or other entity. • If it is important to be secure, then it is important to be sure all of the security policy is enforced by mechanisms that are strong enough. Copyrights By Tanveer Malik
Security Policy • Access Control (AC) is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization. • A computer security policy defines the goals and elements of an organization's computer systems Copyrights By Tanveer Malik
Security Policy • The definition can be highly formal or informal. • Security policies are enforced by organization- al policies or security mechanisms. • A technical implementation defines whether a computer system is secure or insecure. Copyrights By Tanveer Malik
Security Policy • A user account policy is a document which outlines the requirements for requesting and maintaining an account on computer systems or networks. • It is very important for large sites where users typically have accounts on many systems. • Some sites have users read and sign an account policy as part of the account request process. Copyrights By Tanveer Malik
Security Policy • A Network Security policy is a generic document that outlines rules for computer network access, determines how policies are enforced and lays out some of the basic architecture of the company security/ network security environment. • The document itself is usually several pages long and written by a committee. Copyrights By Tanveer Malik
Copyrights By Tanveer Malik
Policy Content • Should state who has the authority to approve account requests. • Should state who is allowed to use the resources (e.g., employees or students only) • Should state any citizenship/resident requirements. • Should state if users are allowed to share accounts or if users are allowed to have multiple accounts on a single host. Copyrights By Tanveer Malik
Policy Content • Should state the users’ rights and responsibilities. • Should state when the account should be disabled and archived. • Should state how long the account can remain inactive before it is disabled. • Should state password construction and aging rules. Copyrights By Tanveer Malik
Security Policy • For locating SP on windows other then Windows 7. • Open Local Security Policy: click Start, type, secpol.msc. Checkout All Security Policies Copyrights By Tanveer Malik
Lecture 12 security policy

Recommended

Secuntialesse
SecuntialesseSecuntialesse
SecuntialesseAnne Starr
 
Erp 40
Erp 40Erp 40
Erp 40prasanna gandham
 
Sec4
Sec4Sec4
Sec4Anne Starr
 
)k
)k)k
)kAnne Starr
 
insider threat research
insider threat researchinsider threat research
insider threat researchAsma Al-maskaria
 
Lesson 1 - Technical Controls
Lesson 1 - Technical ControlsLesson 1 - Technical Controls
Lesson 1 - Technical ControlsMLG College of Learning, Inc
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2MLG College of Learning, Inc
 

Recommended

Secuntialesse
SecuntialesseSecuntialesse
SecuntialesseAnne Starr
 
Erp 40
Erp 40Erp 40
Erp 40prasanna gandham
 
Sec4
Sec4Sec4
Sec4Anne Starr
 
)k
)k)k
)kAnne Starr
 
insider threat research
insider threat researchinsider threat research
insider threat researchAsma Al-maskaria
 
Lesson 1 - Technical Controls
Lesson 1 - Technical ControlsLesson 1 - Technical Controls
Lesson 1 - Technical ControlsMLG College of Learning, Inc
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2Information Assurance And Security - Chapter 1 - Lesson 2
Information Assurance And Security - Chapter 1 - Lesson 2MLG College of Learning, Inc
 
Introduction to information security - by Ivan Nganda
Introduction to information security - by Ivan NgandaIntroduction to information security - by Ivan Nganda
Introduction to information security - by Ivan NgandaSee You Rise Holdings
 
CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1Hamed Moghaddam
 
IT Asset Management
IT Asset ManagementIT Asset Management
IT Asset ManagementMDS TS
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security FrameworkNada G.Youssef
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Chap5 2007 C I S A Review Course
Chap5 2007 C I S A Review CourseChap5 2007 C I S A Review Course
Chap5 2007 C I S A Review CourseDesmond Devendran
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware anAKHIL969626
 
Cyber war scenario what are the defenses
Cyber war scenario what are the defenses Cyber war scenario what are the defenses
Cyber war scenario what are the defenses A. V. Rajabahadur
 
Data Security Explained
Data Security ExplainedData Security Explained
Data Security ExplainedHappiest Minds Technologies
 
3.5 ICT Policies
3.5 ICT Policies3.5 ICT Policies
3.5 ICT Policiesmrmwood
 
Cybertopicsecurity_3
Cybertopicsecurity_3Cybertopicsecurity_3
Cybertopicsecurity_3Anne Starr
 
Information Assurance And Security - Chapter 2 - Lesson 1
Information Assurance And Security - Chapter 2 - Lesson 1Information Assurance And Security - Chapter 2 - Lesson 1
Information Assurance And Security - Chapter 2 - Lesson 1MLG College of Learning, Inc
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityDr. Loganathan R
 
Cis326week1lesson1
Cis326week1lesson1Cis326week1lesson1
Cis326week1lesson1Fahad_1
 
Lesson 1
Lesson 1Lesson 1
Lesson 1MLG College of Learning, Inc
 
Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4MLG College of Learning, Inc
 
Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud AKHIL969626
 
Secure Your Career Shift With Computer-Security Training
Secure Your Career Shift With Computer-Security TrainingSecure Your Career Shift With Computer-Security Training
Secure Your Career Shift With Computer-Security TrainingCCI Training Center
 
Cisa 2013 ch0
Cisa 2013 ch0Cisa 2013 ch0
Cisa 2013 ch0Aladdin Dandis
 
Information Security Blueprint
Information Security BlueprintInformation Security Blueprint
Information Security BlueprintZefren Edior
 
crisc_wk_5.pptx
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptxdotco
 
Information Security
Information SecurityInformation Security
Information SecurityDhilsath Fathima
 

More Related Content

What's hot

Introduction to information security - by Ivan Nganda
Introduction to information security - by Ivan NgandaIntroduction to information security - by Ivan Nganda
Introduction to information security - by Ivan NgandaSee You Rise Holdings
 
CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1Hamed Moghaddam
 
IT Asset Management
IT Asset ManagementIT Asset Management
IT Asset ManagementMDS TS
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security FrameworkNada G.Youssef
 
Chap5 2007 C I S A Review Course
Chap5 2007 C I S A Review CourseChap5 2007 C I S A Review Course
Chap5 2007 C I S A Review CourseDesmond Devendran
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware anAKHIL969626
 
Cyber war scenario what are the defenses
Cyber war scenario what are the defenses Cyber war scenario what are the defenses
Cyber war scenario what are the defenses A. V. Rajabahadur
 
3.5 ICT Policies
3.5 ICT Policies3.5 ICT Policies
3.5 ICT Policiesmrmwood
 
Cybertopicsecurity_3
Cybertopicsecurity_3Cybertopicsecurity_3
Cybertopicsecurity_3Anne Starr
 
Information Assurance And Security - Chapter 2 - Lesson 1
Information Assurance And Security - Chapter 2 - Lesson 1Information Assurance And Security - Chapter 2 - Lesson 1
Information Assurance And Security - Chapter 2 - Lesson 1MLG College of Learning, Inc
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityDr. Loganathan R
 
Cis326week1lesson1
Cis326week1lesson1Cis326week1lesson1
Cis326week1lesson1Fahad_1
 
Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4MLG College of Learning, Inc
 
Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud AKHIL969626
 
Secure Your Career Shift With Computer-Security Training
Secure Your Career Shift With Computer-Security TrainingSecure Your Career Shift With Computer-Security Training
Secure Your Career Shift With Computer-Security TrainingCCI Training Center
 
Information Security Blueprint
Information Security BlueprintInformation Security Blueprint
Information Security BlueprintZefren Edior
 

What's hot (20)

Introduction to information security - by Ivan Nganda
Introduction to information security - by Ivan NgandaIntroduction to information security - by Ivan Nganda
Introduction to information security - by Ivan Nganda
 
CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1CISSP Certification- Security Engineering-part1
CISSP Certification- Security Engineering-part1
 
IT Asset Management
IT Asset ManagementIT Asset Management
IT Asset Management
 
Chapter 3: Information Security Framework
Chapter 3: Information Security FrameworkChapter 3: Information Security Framework
Chapter 3: Information Security Framework
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 
Chap5 2007 C I S A Review Course
Chap5 2007 C I S A Review CourseChap5 2007 C I S A Review Course
Chap5 2007 C I S A Review Course
 
Running head hardware and software security14 hardware an
Running head hardware and software security14 hardware anRunning head hardware and software security14 hardware an
Running head hardware and software security14 hardware an
 
Cyber war scenario what are the defenses
Cyber war scenario what are the defenses Cyber war scenario what are the defenses
Cyber war scenario what are the defenses
 
Data Security Explained
Data Security ExplainedData Security Explained
Data Security Explained
 
3.5 ICT Policies
3.5 ICT Policies3.5 ICT Policies
3.5 ICT Policies
 
Cybertopicsecurity_3
Cybertopicsecurity_3Cybertopicsecurity_3
Cybertopicsecurity_3
 
Information Assurance And Security - Chapter 2 - Lesson 1
Information Assurance And Security - Chapter 2 - Lesson 1Information Assurance And Security - Chapter 2 - Lesson 1
Information Assurance And Security - Chapter 2 - Lesson 1
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information Security
 
Cis326week1lesson1
Cis326week1lesson1Cis326week1lesson1
Cis326week1lesson1
 
Lesson 1
Lesson 1Lesson 1
Lesson 1
 
Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4Information Assurance And Security - Chapter 1 - Lesson 4
Information Assurance And Security - Chapter 1 - Lesson 4
 
Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud Running head technology vulnerabilities in the cloud
Running head technology vulnerabilities in the cloud
 
Secure Your Career Shift With Computer-Security Training
Secure Your Career Shift With Computer-Security TrainingSecure Your Career Shift With Computer-Security Training
Secure Your Career Shift With Computer-Security Training
 
Cisa 2013 ch0
Cisa 2013 ch0Cisa 2013 ch0
Cisa 2013 ch0
 
Information Security Blueprint
Information Security BlueprintInformation Security Blueprint
Information Security Blueprint
 

Similar to Lecture 12 security policy

crisc_wk_5.pptx
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptxdotco
 
Lecture 2 - Security Requirments.ppt
Lecture 2 - Security Requirments.pptLecture 2 - Security Requirments.ppt
Lecture 2 - Security Requirments.pptDrBasemMohamedElomda
 
Human Factors_MODULE_2.pptx
Human Factors_MODULE_2.pptxHuman Factors_MODULE_2.pptx
Human Factors_MODULE_2.pptxShreeveni
 
Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2Chinatu Uzuegbu
 
There are two general types of data dictionaries a database manag
There are two general types of data dictionaries a database managThere are two general types of data dictionaries a database manag
There are two general types of data dictionaries a database managGrazynaBroyles24
 
HIPAA and Security Management for Physician Practices
HIPAA and Security Management for Physician PracticesHIPAA and Security Management for Physician Practices
HIPAA and Security Management for Physician PracticesCole Libby
 
CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptxdotco
 
Chapter 1 introduction(web security)
Chapter 1 introduction(web security)Chapter 1 introduction(web security)
Chapter 1 introduction(web security)Kirti Ahirrao
 
NARCA Presentation - IT Best Practice
NARCA Presentation - IT Best PracticeNARCA Presentation - IT Best Practice
NARCA Presentation - IT Best PracticeBrenda Majewski
 
12 security policies
12 security policies12 security policies
12 security policiesSaqib Raza
 
Securing Citizen Facing Applications Presentation Notes
Securing Citizen Facing Applications Presentation NotesSecuring Citizen Facing Applications Presentation Notes
Securing Citizen Facing Applications Presentation Notesedwinlorenzana
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentAdetula Bunmi
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxrahulkumarcscsf21
 
School of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud ComSchool of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud ComAlleneMcclendon878
 

Similar to Lecture 12 security policy (20)

crisc_wk_5.pptx
crisc_wk_5.pptxcrisc_wk_5.pptx
crisc_wk_5.pptx
 
Information Security
Information SecurityInformation Security
Information Security
 
Network Security of Windows Servers
Network Security of Windows ServersNetwork Security of Windows Servers
Network Security of Windows Servers
 
Lecture 2 - Security Requirments.ppt
Lecture 2 - Security Requirments.pptLecture 2 - Security Requirments.ppt
Lecture 2 - Security Requirments.ppt
 
Human Factors_MODULE_2.pptx
Human Factors_MODULE_2.pptxHuman Factors_MODULE_2.pptx
Human Factors_MODULE_2.pptx
 
File000169
File000169File000169
File000169
 
PACE-IT: Security Policies and Other Documents
PACE-IT: Security Policies and Other DocumentsPACE-IT: Security Policies and Other Documents
PACE-IT: Security Policies and Other Documents
 
Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2Cyber Security Awareness Month 2017- Nugget2
Cyber Security Awareness Month 2017- Nugget2
 
There are two general types of data dictionaries a database manag
There are two general types of data dictionaries a database managThere are two general types of data dictionaries a database manag
There are two general types of data dictionaries a database manag
 
HIPAA and Security Management for Physician Practices
HIPAA and Security Management for Physician PracticesHIPAA and Security Management for Physician Practices
HIPAA and Security Management for Physician Practices
 
CISA_WK_4.pptx
CISA_WK_4.pptxCISA_WK_4.pptx
CISA_WK_4.pptx
 
Chapter 1 introduction(web security)
Chapter 1 introduction(web security)Chapter 1 introduction(web security)
Chapter 1 introduction(web security)
 
NARCA Presentation - IT Best Practice
NARCA Presentation - IT Best PracticeNARCA Presentation - IT Best Practice
NARCA Presentation - IT Best Practice
 
12 security policies
12 security policies12 security policies
12 security policies
 
Securing Citizen Facing Applications Presentation Notes
Securing Citizen Facing Applications Presentation NotesSecuring Citizen Facing Applications Presentation Notes
Securing Citizen Facing Applications Presentation Notes
 
Jason r mc kinney halfday
Jason r mc kinney halfdayJason r mc kinney halfday
Jason r mc kinney halfday
 
The Importance of Security within the Computer Environment
The Importance of Security within the Computer EnvironmentThe Importance of Security within the Computer Environment
The Importance of Security within the Computer Environment
 
System Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptxSystem Security Sem 2(Module 1).pptx
System Security Sem 2(Module 1).pptx
 
Information Security - I.T Project Management
Information Security - I.T Project ManagementInformation Security - I.T Project Management
Information Security - I.T Project Management
 
School of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud ComSchool of Computer & Information SciencesITS-532 Cloud Com
School of Computer & Information SciencesITS-532 Cloud Com
 

More from Tanveer Malik

Lecture 11 active directory
Lecture 11 active directoryLecture 11 active directory
Lecture 11 active directoryTanveer Malik
 
Lecture 10 i pv4 & ipv6
Lecture 10 i pv4 & ipv6Lecture 10 i pv4 & ipv6
Lecture 10 i pv4 & ipv6Tanveer Malik
 
Lecture 9 file system
Lecture 9 file systemLecture 9 file system
Lecture 9 file systemTanveer Malik
 
Lecture 8 disk management
Lecture 8 disk managementLecture 8 disk management
Lecture 8 disk managementTanveer Malik
 
Lecture 6 internet services in network
Lecture 6 internet services in networkLecture 6 internet services in network
Lecture 6 internet services in networkTanveer Malik
 
Lecture 5 software to control network
Lecture 5 software to control networkLecture 5 software to control network
Lecture 5 software to control networkTanveer Malik
 
Lecture 4 sharing of resources on network
Lecture 4 sharing of resources on networkLecture 4 sharing of resources on network
Lecture 4 sharing of resources on networkTanveer Malik
 
Lecture 3 transmission media
Lecture 3 transmission mediaLecture 3 transmission media
Lecture 3 transmission mediaTanveer Malik
 
Lecture 2 protocol details
Lecture 2 protocol detailsLecture 2 protocol details
Lecture 2 protocol detailsTanveer Malik
 
Lecture 1 networking types roles
Lecture 1 networking types rolesLecture 1 networking types roles
Lecture 1 networking types rolesTanveer Malik
 

More from Tanveer Malik (20)

Lecture 11 active directory
Lecture 11 active directoryLecture 11 active directory
Lecture 11 active directory
 
Lecture 10 i pv4 & ipv6
Lecture 10 i pv4 & ipv6Lecture 10 i pv4 & ipv6
Lecture 10 i pv4 & ipv6
 
Lecture 9 file system
Lecture 9 file systemLecture 9 file system
Lecture 9 file system
 
Lecture 8 disk management
Lecture 8 disk managementLecture 8 disk management
Lecture 8 disk management
 
Lecture 6 internet services in network
Lecture 6 internet services in networkLecture 6 internet services in network
Lecture 6 internet services in network
 
Lecture 5 software to control network
Lecture 5 software to control networkLecture 5 software to control network
Lecture 5 software to control network
 
Lecture 4 sharing of resources on network
Lecture 4 sharing of resources on networkLecture 4 sharing of resources on network
Lecture 4 sharing of resources on network
 
Lecture 3 transmission media
Lecture 3 transmission mediaLecture 3 transmission media
Lecture 3 transmission media
 
Lecture 2 protocol details
Lecture 2 protocol detailsLecture 2 protocol details
Lecture 2 protocol details
 
Lecture 1 networking types roles
Lecture 1 networking types rolesLecture 1 networking types roles
Lecture 1 networking types roles
 
Lecture 12
Lecture 12Lecture 12
Lecture 12
 
Lecture 11
Lecture 11Lecture 11
Lecture 11
 
Lecture 10
Lecture 10Lecture 10
Lecture 10
 
Lecture 9
Lecture 9Lecture 9
Lecture 9
 
Lecture 8
Lecture 8Lecture 8
Lecture 8
 
Lecture 7
Lecture 7Lecture 7
Lecture 7
 
Lecture 6
Lecture 6Lecture 6
Lecture 6
 
Lecture 5
Lecture 5Lecture 5
Lecture 5
 
Lecture 4
Lecture 4Lecture 4
Lecture 4
 
Lecture 3
Lecture 3Lecture 3
Lecture 3
 

Recently uploaded

Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformChameera Dedduwage
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxVS Mahajan Coaching Centre
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 

Recently uploaded (20)

INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
A Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy ReformA Critique of the Proposed National Education Policy Reform
A Critique of the Proposed National Education Policy Reform
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
Staff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSDStaff of Color (SOC) Retention Efforts DDSD
Staff of Color (SOC) Retention Efforts DDSD
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptxOrganic Name Reactions for the students and aspirants of Chemistry12th.pptx
Organic Name Reactions for the students and aspirants of Chemistry12th.pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 

Lecture 12 security policy

  • 1. Microsoft Certified Solutions Expert Lecture No.12 security Policy Copyrights By Tanveer Malik
  • 2. Security Policy • In business, a security policy is a document that states in writing how a company plans to protect the company's physical and information technology (IT) assets. • A security policy is often considered to be a "living document", meaning that the document is never finished, but is continuously updated as technology and employee requirements change. Copyrights By Tanveer Malik
  • 3. Security Policy • A company's security policy may include an acceptable use policy. • A description of how the company plans to educate its employees about protecting the company's assets. • An explanation of how security measurements will be carried out and enforced. Copyrights By Tanveer Malik
  • 4. Security Policy • A procedure for evaluating the effectiveness of the security policy to ensure that necessary corrections will be made. • A Security policy is a definition of what it means to be secure for a system, organization or other entity. • If it is important to be secure, then it is important to be sure all of the security policy is enforced by mechanisms that are strong enough. Copyrights By Tanveer Malik
  • 5. Security Policy • Access Control (AC) is the selective restriction of access to a place or other resource. The act of accessing may mean consuming, entering, or using. Permission to access a resource is called authorization. • A computer security policy defines the goals and elements of an organization's computer systems Copyrights By Tanveer Malik
  • 6. Security Policy • The definition can be highly formal or informal. • Security policies are enforced by organization- al policies or security mechanisms. • A technical implementation defines whether a computer system is secure or insecure. Copyrights By Tanveer Malik
  • 7. Security Policy • A user account policy is a document which outlines the requirements for requesting and maintaining an account on computer systems or networks. • It is very important for large sites where users typically have accounts on many systems. • Some sites have users read and sign an account policy as part of the account request process. Copyrights By Tanveer Malik
  • 8. Security Policy • A Network Security policy is a generic document that outlines rules for computer network access, determines how policies are enforced and lays out some of the basic architecture of the company security/ network security environment. • The document itself is usually several pages long and written by a committee. Copyrights By Tanveer Malik
  • 10. Policy Content • Should state who has the authority to approve account requests. • Should state who is allowed to use the resources (e.g., employees or students only) • Should state any citizenship/resident requirements. • Should state if users are allowed to share accounts or if users are allowed to have multiple accounts on a single host. Copyrights By Tanveer Malik
  • 11. Policy Content • Should state the users’ rights and responsibilities. • Should state when the account should be disabled and archived. • Should state how long the account can remain inactive before it is disabled. • Should state password construction and aging rules. Copyrights By Tanveer Malik
  • 12. Security Policy • For locating SP on windows other then Windows 7. • Open Local Security Policy: click Start, type, secpol.msc. Checkout All Security Policies Copyrights By Tanveer Malik