Designing and Implementing Security Policies

This course will focus on factors feeding into the creation of organizational security policies. You'll develop an understanding of proper functions, and how to design your own security policies within business and regulatory requirements.
Course info
Level
Beginner
Updated
April 19, 2017
Duration
2h 6m
Table of contents
Description
Course info
Level
Beginner
Updated
April 19, 2017
Duration
2h 6m
Description

Without IT security policies, organizations have no framework that defines the proper and safe use of IT systems and data. In this course, Designing and Implementing Security Policies, you'll be exposed to security standards bodies, and how to create security policies based on recommendations from these standards bodies. First, you'll learn examples of implementing security settings based on security policy documentation. Next, you'll learn how to determine the finer details of security policies, including the use of specific security controls and the consequences of policy non-compliance. Finally, you'll gain insight on how technical controls can be interpreted and then implemented for policy compliance. By the end of this course, you'll have an understanding of how policy documents are laid out, and how to design and implement security policies within business and regulatory requirements.

About the author
About the author

Daniel Lachance, CompTIA Security+™, CompTIA A+®, CompTIA Network+®, CompTIA Server+, CompTIA Cloud Essentials, MCITP, MCTS, MCSA, is the owner of Lachance IT Consulting Inc. He is the author of the CompTIA Server+ Certification All-in-One Exam Guide, CompTIA Cloud Essentials Certification Study Guide, and co-author of CompTIA Security+ Certification Practice Exams.

More from the author
Network Access and Authentication
Intermediate
1h 33m
7 Nov 2017
Device Hardening
Beginner
2h 29m
26 Sep 2017
Implementing Physical Security
Beginner
1h 44m
27 Jun 2017
More courses by Daniel Lachance
Transcript
Transcript

Hi everyone, my name is Dan Lachance and welcome to my course, Designing and Implementing Security Policies.

The protection of personnel and digital assets consists of a variety of security controls including user behavior, all driven by organizational security policies. Policies, in turn, are documents laid out in a specific format, and they are influenced by factors such as best security practices, past lessons learned and regulatory compliance.

Awareness of how laws, regulations, and security standards bodies apply to the organization shapes policies such as how users store sensitive data or acceptable email usage. Enterprises can centrally enforce compliance on managed devices and monitor any deviations over time. The policies themselves need to be revisited periodically to ensure they continue to remain effective.

Some of the major topics that we will cover include:

  1. Identifying Security Standards Bodies
  2. Designing Security Policies
  3. Implementing Security Policies
By the end this course you’ll understand how security policy documents are laid out and how to determine what the document’s finer details will include, such as the use of specific security controls and consequences of policy non-compliance.

You will also gain insight as to how technical controls can be interpreted and implemented for policy compliance.

I hope you’ll join me to learn about the creation and implementation of security policies withinthe Designing and Implementing Security Policies course, here at Pluralsight.