Computer Security Policies Examples

An error occurred trying to load this video.

Try refreshing the page, or contact customer support.

Coming up next: Cloud Computing Security Issues

You're on a roll. Keep up the good work!

Take Quiz Watch Next Lesson
Your next lesson will play in 10 seconds
  • 0:04 What Are Policies?
  • 1:49 Remote Access Security
  • 3:23 General Security Policies
  • 5:57 Lesson Summary
Save Save Save

Want to watch this again later?

Log in or sign up to add this lesson to a Custom Course.

Log in or Sign up

Speed Speed
Lesson Transcript
Instructor: Katherine Wenger

Kate has a Bachelors, Masters, and is a Ph.D. candidate in the fields of Information Technology and loves teaching students

This lesson provides an explanation as to how and why a policy is formed as a basis for understanding the driving forces behind computer security policies. Common computer security policies and examples are discussed.

What Are Policies?

Let's start with a brief description of a policy. A policy is a set of principles that are intended to guide actions of an organization. For example, a computer security policy for a bank could be written that sets restrictions on employee Internet access in an effort to reduce the likelihood of an outside cyber-attack.

Policies are generally formulated either reactively or proactively. A reactively derived policy is created as a consequence of a failed or flawed process that caused or could have caused harm to the organization. Let's use a real-world scenario as an example of a reactive policy. For example, a small restaurant recently experienced a cyber-attack from a remote location by an individual using a mobile device. Upon learning of the details of the attack, the restaurant created a policy that restricts wireless access only to authorized individuals in an attempt to limit access to the network. Rather than forecasting a cyber attack and implementing a proactive policy, the restaurant waited until an actual attack occurred.

Although it may seem rather irresponsible of the restaurant not to have policies in place that protect their network and essentially the business, this is an entirely common practice. Organizations from a small restaurant to government agencies are all too often ill-prepared for computer security mishaps and often depend on historical events from which to create policies. A proactive policy is created from lessons learned as well as insight into future events. Now that we've gone over how and why policies are created, the following sections discuss examples and explanations of some commonly employed computer security policies.

Remote Access Security

Organizations continually expand the amount of employees who work off-campus; interoperability between organizations is always increasing and vendors are given greater access to a company's network, all made possible by remote access. Remote access to an organization's network can be especially beneficial to all parties involved, but it also allows for vulnerabilities to be exposed. Organizations that allow remote access have, or should have, specific computer policies that specify security procedures for remote access. For the most part, remote computer security policy reads such that only authorized users are allowed access to the network and for only legally accepted practices.

A Virtual Private Network, better known as VPN, allows employees access to the network after acquiring an Internet Service Provider to connect with. VPNs tend to be greater restricted in terms of security restrictions and the amount of authorized users allowed to connect in this manner. Specific virtual private network policy indicates who's granted the service and the type of use an individual is allowed on the VPN.

Wireless communication policy, on the other hand, requires connections to be secure. In some cases, an organization will restrict the breadth of activity that takes place by the user. For example, a bank may only allow certain applications to be downloaded to a mobile device in an effort to control Internet traffic, including blocking potential attacks that are easier through certain applications.

General Security Policies

An organization sets forth computer security policies specific to their needs. Suffice to say that organizations are connected via the Internet and use, at the very least, email. Depending on the specific needs, a company can use dozens of applications that communicate with outside companies, customers, clients, or vendors. It is of utmost importance that every aspect of vulnerability which comes in the form of connectivity through applications be given specific or general computer security policies.

To unlock this lesson you must be a Member.
Create your account

Register to view this lesson

Are you a student or a teacher?

Unlock Your Education

See for yourself why 30 million people use

Become a member and start learning now.
Become a Member  Back
What teachers are saying about
Try it risk-free for 30 days

Earning College Credit

Did you know… We have over 200 college courses that prepare you to earn credit by exam that is accepted by over 1,500 colleges and universities. You can test out of the first two years of college and save thousands off your degree. Anyone can earn credit-by-exam regardless of age or education level.

To learn more, visit our Earning Credit Page

Transferring credit to the school of your choice

Not sure what college you want to attend yet? has thousands of articles about every imaginable degree, area of study and career path that can help you find the school that's right for you.

Create an account to start this course today
Try it risk-free for 30 days!
Create an account