Deploying a network security policy is a significant and serious undertaking. Making good decisions in this matter will save a great deal of money and prevent many future security issues on your network, while making incorrect or hasty decisions will lay the foundation for an insecure network infrastructure. Creating a network security policy will affect your organization in a number of ways, including (but not limited to):
■ Financial A new network security policy may require you to purchase new equipment and software, such as firewalls, IPS (intrusion protection/prevention system), anti-virus software, new routers, and more. You’ll likely also incur additional salary costs for security personnel trained to manage the new hardware and software.
■ Network availability You may have to install new hardware and software on your network to comply with a new network security policy, which may impact your overall network availability as you install and configure this infrastructure.Therefore, the process needs to be well planned to reduce risks, costs, and downtime for your clients and internal users.
■ Usability In almost every case, the security of a computer system is inversely related to its usability. As a result of your network security policy, you may reach a state where the usability of the network is drastically reduced.Your network security policy needs to balance security against usability, so that your security policy does not become so rigid that your users cannot perform their job functions.
■ Legal Depending on your country and the activity of your business, you may be required to comply with legislative measures such as HIPPAA or Graham-Leach-Bliley.You need to consider these regulations when designing your network security policy.
Before you can begin to implement a new network security policy, you need to perform extensive planning and preparation before writing documents and configuring new hardware or software. It is important to know your network, to understand the reasons for every network device, to know the vulnerabilities of every technology in use, the strength of each device, and the way devices are connected to each other.