What Should A Network Security Policy Look Like?

Security policies are critical to nearly all network management efforts, but you may not be confident about what one should look like. Policies for network security management projects should address these five issues.

Device Requirements

A policy should state which devices belong on the network and which ones have no business being there. An air-gapped network, for example, has to exclude anything that might connect wirelessly or by wire to the outside world. A network security management policy that strict would include statements excluding cellular phones and all other SIM-connected devices.

You may also need to include requirements for network appliances. A policy for a web server system, for example, might include the monitoring and firewall devices needed to connect the network safely to the outside world.

Authentication Processes

Every policy should spell out the organization's authentication processes, including password strength and other password requirements. It should also cover protocols and encryption methods, and it should designate the acceptable grade of encryption strength. If you're going to use multifactor authentication, say so in the network management policy documents.

Traffic and Protocols

Network security management also frequently involves allowing or excluding certain kinds of traffic. A company might need secure email, for example. The policy should discuss what security certificates will be in use, how the email server will perform handshakes, and which ports will be in use. A good email policy should also cover acceptable types of attachments.

Similarly, you will have to decide what types of traffic do or don't belong on the network. You can then configure the network appliances to block or route the traffic accordingly.

User Privileges

Every user should operate with the least privileges necessary to do their job. Even administrators should have limited access until they escalate their privileges to handle problems that call for stronger measures.

A limited model of user privileges will reduce the damage that might come if someone's credentials are compromised. Likewise, a limited approach will reduce the damage that might come from human errors.

Logging and Reporting Processes

Finally, you'll want to include policies for logging all traffic and actions on the network. You'll also need to produce reports. The policy should state where the reports go and who's responsible for checking them regularly. A thorough logging and reporting regime can flag problems before they have the opportunity to get out of hand.