When developing a network security policy, determine what you want to protect.

  • Databases, spreadsheets and other data are critical.
  • Network and systems assets also require protection.
  • Applications are less critical because they can be re-installed if corrupted.

Determine the methods you will use to protect your network and data, for example:

  • perimeter router
  • firewall
  • intrusion detection system
  • virus software
  • backups

Determine where your security threats originate-from human influences or forces of nature? Decide how much you want to spend on protection.

  • Cisco Systems survey: most companies spend between $53 and $368 per workstation.