Network Security Policy

DIGIGUARD can create a network security policy for your SMB. Businesses know that information is one of the most important commodities. Our team of experts will help your business protect valuable data from cyberattacks and insider threats. A network security policy is a complex document that outlines rules for network access, determines enforcement and lays out the basic architecture of the company and network security environment. This policy will govern how your network is used in everyday business operations and how it reacts during abnormalities. We will help enforce, manage, monitor and maintain security on your computer network. Our consultants will create a policy to control and protect your information by documenting these main elements:

• Rules and procedures for network access or modifications
• Governance and management of internet access
• Define training plans for key staff who manage daily security operations
• Implementation of access control security procedures on network endpoints
• Privileged access and user role policies
• Identifying authorized and unauthorized network services and processes

Security Accountability and Data Classification

A DIGIGUARD network security policy will define the roles and responsibilities of users, key staff and management. Accountability in these three categories will help your business understand and manage expectations and enforce network policies and procedures. Using input from key stakeholders, we will also define and classify data types and make rules and stipulations for which employees can access what type of data. Our team will help your business reduce the likelihood of data compromise or destruction and keep proprietary data out of the hands of cybercriminals and competitors. We discover what data and systems are critical to operating your business, and what data is valuable to others. We protect data such as customer personal information or proprietary formulas and sales information. Here are some of the data classifications we use:

• Internal
• External
• General
• Confidential

Operating System and Service Policy

DIGIGUARD looks at the host security configuration for your critical operating systems and servers. We build a foundation for a stable network environment. Your customized policies will be carefully weighed based on the need for operational speed, traffic, transmission and filtering and other control and technical requirements. The policy will define:

• Which services run on which networks
• Account management policies
• Password management policies
• Messaging policies
• Database policies
• Anti-virus policies
• Host-based intrusion detection policies
• Firewall policies

Physical and Site Security Policy

Creating a network security policy is not limited to systems. Physical and site security plays a crucial role in your overall network security. DIGIGUARD will consider building security and surveillance as well as device security. Here are some of the physical security items we will include in the policy:

• Building security
• Card and key reader security
• Camera locations
• Visitor management
• Inventory data security
• Shipping and receiving security
• Hardware and device security
• Decommissioning hardware and devices
• Data disposal

Network Security Incident Response

Customized network security policies will also include details and procedures about how to respond to security incidents. In the event of a breach, the policy plan will help your business quickly act to discover, halt and mitigate a cyberattack. DIGIGUARD will include a section on incident response in your policy that provides for:

• Methods to evaluate and investigate a breach
• Key personnel and services notification and engagement
• How to halt and eradicate the problem
• Policy breach enforcement steps post-incident

Behavior and Acceptable Use Policies

DIGIGUARD will create documents for acceptable use policy for your employees and management to review and sign. We will help you communicate the accepted use, expected behavior, protection of and specific disciplinary consequences of mishandling technology and data assets at your business. The document will be customized for your company’s unique requirements. Our consultants can provide regular audits to determine compliance. We can help you review the policy at periodic intervals or whenever technology or staff changes occur. We can also create sub-documents for:

• Computer use policy
• Internal access policy
• External access policy
• Mobile device policy, and more

Recurring Network Compliance Reviews

DIGIGUARD recommends reviewing your network security policy twice per year to review compliance procedures and determine what files to edit or configure, what ports should be opened or closed and what updates should be applied. Your policy should also be reviewed if any changes will occur to your business systems. Contact DIGIGUARD today to learn more about building or updating a network security policy for your small or mid-sized business.