Computer and Information Security Policy

Formal IT security policy helps establish standards for IT resource protection by assigning program management responsibilities and providing basic rules, guidelines, and definitions for everyone in the organization. Policy thus helps prevent inconsistencies that can introduce risks, and policy serves as a basis for the enforcement of more detailed rules and procedures.

secinf.net

Category: Computers > Security > Policy

IT Security Cookbook

An excellent guide to computer & network security with a strong focus on writing and implementing security policy. This is primarily for security managers and system administrators.

www.boran.com

Category: Computers > Security > Policy

Nemesys Computer Consultants Ltd

Based in Cambridge, UK specialising in security policy development, risk analysis, information security reviews, security-critical software development and computer security incident handling.

www.nemesys.com

Category: Computers > Security > Consultants > General and Freelance > Europe > United Kingdom

Sec Tec Computer Security Consultants

Computer security consultants advising on all aspects of modern information security, from internet Firewall, VPN and IDS installations and upgrades, through to security policy writing, and detailed security testing.

www.sec-tec.co.uk

Category: Regional > Europe > United Kingdom > Business and Economy > Computers and Internet > Sales and Services > Network Services and Products

Business Continuity and Risk Management Ltd.

Specializes in management of the risks associated with their business including security audits, penetration testing, computer forensics, policy creation and management.

www.bcrm.co.uk

Category: Computers > Security > Consultants > General and Freelance > Europe > United Kingdom

Site Security Policy Development

This paper outlines some issues that the writer of a Site Computer Security Policy may need to consider when formulating such a document.

secinf.net

Category: Computers > Security > Policy

RFC2196 (Site Security Handbook)

a guide to developing computer security policies and procedures for sites that have systems on the Internet. Published 1997.

www.cse.ohio-state.edu

Category: Computers > Security > Policy

Computer Policy Guide

A commercial manual with sample policies. Topics include: Email; Internet Usage; Personal Computer Usage; Information Security; and Document Retention.

www.computerpolicy.com

Category: Computers > Security > Policy > Companies

Master of Science in Security Engineering

Security Engineering is the computer science and engineering discipline concerned with the design and development of secure systems and applications. Security Engineering covers security of computer networks and systems as well as physical security. In addition to the technical aspects such as cryptography, protocols, and access control, the curriculum deals with the policy and management issues, integration and logistics and budgeting.

engr.smu.edu

Category: Reference > Education > Colleges and Universities > North America > United States > Texas > Southern Methodist University > Masters Programs

Perrig, Adrian

Personal site. Assistant Professor of Electrical and Computer Engineering and Engineering and Public Policy. Information and systems security, focusing on network security (Internet, mobile computing, and sensor networks).

www.ece.cmu.edu

Category: Society > People > College Life > Carnegie Mellon University > Faculty and Staff

Computing at Cornell

CIT-sponsored portal to academic and research facilities, technologies, and developer resources. Also offers University technology policies, security guidelines, and computing news.

www.cit.cornell.edu

Category: Reference > Education > Colleges and Universities > North America > United States > New York > Cornell University

Internet Security Consulting, Inc.

Security management company specializing in preventing unauthorized access. Additional services include auditing, policy, computer forensics, network architecture, outsourcing and training.

internetsecurityinc.com

Category: Computers > Security > Consultants > General and Freelance > North America > United States

Security Operations and Services

Focuses on developing, interpreting, and enforcing Penn State computer and network security policies. Responsible for incident response; providing forensic and litigation support, risk assessments, and vulnerability assessments; and security education and awareness. A division of Information Technology Services (ITS). Formerly, the Computer and Network Security Office (NETSEC).

www.psu.edu

Category: Reference > Education > Colleges and Universities > North America > United States > Pennsylvania > Penn State University > Administration

SecurityProNews

Advice on how to identify the best type of intrusion detection system for a particular environment, develop organizational guidelines for passwords, set general computer security policies, and perform a security review and risk assessment.

www.securitypronews.com

Category: Computers > Security > News and Media

Computers at Risk: Safe Computing in the Information Age

Complete text of the book by the System Security Study Committee, National Research Council, U.S, that presents a comprehensive agenda for developing nationwide policies and practices for computer security.

www.nap.edu

Category: Computers > Security > News and Media > Magazines and E-zines