{[ promptMessage ]}

Bookmark it

{[ promptMessage ]}


Server_Security_Policy - Server Security Policy Crea ted by...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Server Security Policy Created by or for the SANS Institute. Feel free to modify or use for your organization. If you have a policy to contribute, please send e-mail to [email protected] 1.0 Purpose The purpose of this policy is to establish standards for the base configuration of internal server equipment that is owned and/or operated by <Company Name>. Effective implementation of this policy will minimize unauthorized access to <Company Name> proprietary information and technology. 2.0 Scope This policy applies to server equipment owned and/or operated by <Company Name>, and to servers registered under any <Company Name>-owned internal network domain. This policy is specifically for equipment on the internal <Company Name> network. For secure configuration of equipment external to <Company Name> on the DMZ, refer to the Internet DMZ Equipment Policy . 3.0 Policy 3.1 Ownership and Responsibilities All internal servers deployed at <Company Name> must be owned by an operational group that is responsible for system administration. Approved server configuration guides must be established and maintained by each operational group, based on business needs and approved by InfoSec. Operational
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}