Scribd
Upload
417 views6 pages

Network Security Policy

The network security policy outlines security requirements for RECOM CONSULTING LIMITED's network. It requires the use of network security devices to implement access controls and protect traffic between network zones. All web traffic must be monitored and logged. Remote access to company assets requires a VPN. The IT team must approve any wireless or network access devices connected to the company network.

Uploaded by

Kamrul Hasan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
417 views6 pages

Network Security Policy

The network security policy outlines security requirements for RECOM CONSULTING LIMITED's network. It requires the use of network security devices to implement access controls and protect traffic between network zones. All web traffic must be monitored and logged. Remote access to company assets requires a VPN. The IT team must approve any wireless or network access devices connected to the company network.

Uploaded by

Kamrul Hasan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

NETWORK SECURITY POLICY

RECOM CONSULTING LIMITED


ISO 27001:2013

House 18 (Flat B2), Road 1/A, Block J, Baridhara, Dhaka 1212


ISMS FRAMEWORK

Document Details

Document: NETWORK SECURITY POLICY

Document Number: RCL/ISMS/L2/09

Version: 1.0

Document Date: 01-10-2021

Prepared By: CISO

Reviewed By: ISSC

Approved By: CEO

Classification Level: Internal

Modification History

Sl. No. Description of Change Date of Change Version No.

1 Initial Release 01-10-2021 1.0

This is an internal document prepared by RECOM CONSULTING LIMITED and it is strictly prohibited to be reproduced, utilization of
disclosure to any third party, in any form, without prior intimation to RECOM CONSULTING LIMITED
Page 2 of 6
ISMS FRAMEWORK

1 CONTENTS
1 Contents ........................................................................................................................................................................3
2 Scope .............................................................................................................................................................................4
3 Procedure Description...................................................................................................................................................4
3.1 Purpose ............................................................................................................................................................4
3.2 Procedure ............................................................................................................................................................4

This is an internal document prepared by RECOM CONSULTING LIMITED and it is strictly prohibited to be reproduced, utilization of
disclosure to any third party, in any form, without prior intimation to RECOM CONSULTING LIMITED
Page 3 of 6
ISMS FRAMEWORK

2 SCOPE

This procedure applies to:

• All users of RECOM CONSULTING LIMITED’s information system and information asset
regardless of location.
• Providers in respect of the facilities that they provide.
• Asset owners with respect to the asset that they own.

This procedure provides security requirement for network which are used to communicate or
transmit information to staff and external parties.

3 PROCEDURE DESCRIPTION

3.1 PURPOSE

This procedure describes the security requirements for connections to internal computers and
networks equipment’s. It covers a wide variety of technologies including wireless connections,
dial-up modem links, Internet encrypted tunnels (also known as virtual private networks or VPNs),
segmentation of network using LANs, restricted access to network services, restricted physical
access to network devices etc.

3.2 PROCEDURE

Provider and user security requirement


• regardless will:

o Use network security devices to implement access control lists and network
protection features to control traffic travelling between network zones with differing

This is an internal document prepared by RECOM CONSULTING LIMITED and it is strictly prohibited to be reproduced, utilization of
disclosure to any third party, in any form, without prior intimation to RECOM CONSULTING LIMITED
Page 4 of 6
ISMS FRAMEWORK

security requirements and, where applicable following the completion of a risk


assessment, within network zones. Where it is not possible to use network security
devices to implement access control lists, host based security mechanisms must be
implemented to control network traffic.
o Ensure that, as minimum, network security devices are placed at all internet
connectivity points and between wireless networks.
o Ensure that all web traffic is monitored and logged.
o Configure networking infrastructure in accordance with the relevant regardless
security configuration standards.
o Use security software (e.g. antivirus software).
o Ensure that email and instant messaging services operated by, or on behalf of, the
regardless include anti-virus scanning of incoming/outgoing emails and
transmissions (including attachments) and the screening for and removal of spam.

Network security

• Providers will ensure that:

o Network can trace network traffic to an individual named user


o Network security devices control all inbound and outbound network traffic
o Network security devices block network traffic by default unless it is explicitly
authorized
o Network access will be limited to specific hosts and ports/ services/ protocols as
required
o Network security devices only permit network traffic that is necessary for RECOM
CONSULTING LIMITED’s operation and block all other traffic.

This is an internal document prepared by RECOM CONSULTING LIMITED and it is strictly prohibited to be reproduced, utilization of
disclosure to any third party, in any form, without prior intimation to RECOM CONSULTING LIMITED
Page 5 of 6
ISMS FRAMEWORK

Web application security

• Asset owners will conduct risk assessments for RECOM CONSULTING LIMITED web-based
applications to determine if the application requires protection through the use of a web
application firewall.
• Providers will ensure that web application firewalls are implemented and configured to
block security incidents and attacks from occurring, where deemed necessary by the
asset owner.

External network access requirement

• Will ensure that strong end-to-end encryption is used to protect data transmitted over
external network connections to and from the RECOM CONSULTING LIMITED
network. Information that is classified as public does not require encryption.
• Will ensure that remote access to RECOM CONSULTING LIMITED information assets is
through the use of a virtual private network (VPN) connection. Asset owners must
approve other access methods.
• Will ensure that all users connecting to the RECOM CONSULTING LIMITED network via
VPN are limited to the access they require to perform their studies or duties. Access will
be limited to specific hosts and ports/services/protocols as is required.

Infrastructure devices

• The IT Team will approve, where appropriate, all wireless and network access devices
that are directly connected to the RECOM CONSULTING LIMITED network. Providers and
users will not directly connect unapproved wireless and network access devices to the
RECOM CONSULTING LIMITED network.
• The IT Team may disable unapproved or unsupported network access devices at any time
and without notice.

This is an internal document prepared by RECOM CONSULTING LIMITED and it is strictly prohibited to be reproduced, utilization of
disclosure to any third party, in any form, without prior intimation to RECOM CONSULTING LIMITED
Page 6 of 6

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy