When developing a network security policy, determine what you want to protect.
- Databases, spreadsheets and other data are critical.
- Network and systems assets also require protection.
- Applications are less critical because they can be re-installed if corrupted.
Determine the methods you will use to protect your network and data, for example:
- perimeter router
- firewall
- intrusion detection system
- virus software
- backups
Determine where your security threats originate-from human influences or forces of nature? Decide how much you want to spend on protection.
- Cisco Systems survey: most companies spend between $53 and $368 per workstation.