Security Policy

Why Trust Techopedia

What Does Security Policy Mean?

A security policy is a written document in an organization outlining how to protect the organization from threats, including computer security threats, and how to handle situations when they do occur.

Advertisements

A security policy must identify all of a company’s assets as well as all the potential threats to those assets. Company employees need to be kept updated on the company’s security policies. The policies themselves should be updated regularly as well.

Techopedia Explains Security Policy

A security policy should outline the key items in an organization that need to be protected. This might include the company’s network, its physical building, and more. It also needs to outline the potential threats to those items. If the document focuses on cyber security, threats could include those from the inside, such as possibility that disgruntled employees will steal important information or launch an internal virus on the company’s network. Alternatively, a hacker from outside the company could penetrate the system and cause loss of data, change data, or steal it. Finally, physical damage to computer systems could occur.

When the threats are identified, the likelihood that they will actually occur must be determined. A company must also determine how to prevent those threats. Instituting certain employee policies as well as strong physical and network security could be a few safeguards. There also needs to be a plan for what to do when a threat actually materializes. The security policy should be circulated to everyone in the company, and the process of safeguarding data needs to be reviewed regularly and updated as new people come on board.

Advertisements

Related Terms

Margaret Rouse
Editor

Margaret jest nagradzaną technical writerką, nauczycielką i wykładowczynią. Jest znana z tego, że potrafi w prostych słowach pzybliżyć złożone pojęcia techniczne słuchaczom ze świata biznesu. Od dwudziestu lat jej definicje pojęć z dziedziny IT są publikowane przez Que w encyklopedii terminów technologicznych, a także cytowane w artykułach ukazujących się w New York Times, w magazynie Time, USA Today, ZDNet, a także w magazynach PC i Discovery. Margaret dołączyła do zespołu Techopedii w roku 2011. Margaret lubi pomagać znaleźć wspólny język specjalistom ze świata biznesu i IT. W swojej pracy, jak sama mówi, buduje mosty między tymi dwiema domenami, w ten…