Are these "Policies" , "Standards" or    "Guidelines"?

 The answer is "It depends". New Concepts in IT, LLC can help  guide your company in the reasonable and proper application  and use of these policies. What is right for one company is not  necessarily right for another company.


    Acceptable Use Policies​

    There are many types of Information Security Policies that a​ll businesses should consider implementing to help protect their

    business and intellectual property. All information security should start with a policy that is developed and accepted by the C-level 

    management of the company and in our opinion is adhered to by all employees including the C-level staff. That being said, the

    policies should allow for the business needs of individual needs and groups. An example: the Marketing staff may need to access

    access Facebook, Twitter and other forms of social media while there is no reason to all access to all employees in the company.

    Some examples of Information Security Policies: (items in blue are the most commonly implemented)

    General Security Policies:

  • Encryption Policy

  • Acceptable Use Policy

  • Clean Desk Policy

  • Disaster Recovery Plan Policy

  • Digital Signature Acceptance Policy

  • Email Policy

  • Ethics Policy

  • Pandemic Response Planning Policy

  • Password Construction Guidelines

  • Password Protection Policy

  • Security Response Plan Policy

  • End User Encryption Key Protection Policy


    Network Security Policies:

  • Acquisition Assessment Policy

  • Bluetooth Baseline Requirements Policy

  • Remote Access Policy

  • Remote Access Tools Policy

  • Router and Switch Security Policy

  • Wireless Communication Policy

  • Wireless Communication Standards


    Server Security Policies:

  • Database Credentials Policy

  • Technology Equipment Disposal Policy

  • Information Logging Standard

  • Lab Security Policy

  • Server Security Policy

  • Software Installation Policy

  • Workstation Security (For HIPAA) Policy


    Application Security Policies:

  • Web Application Security Policy