OnDemand + GIAC - Get your Certification Attempt Included for a Limited Time!

Information Security Policy Templates

Subscribe to SANS Newsletters

Join the SANS Community and receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.  

Server Security Policy Templates

Database Credentials Policy

Defines the requirements for securely storing and retrieving database usernames and passwords (i.e., database credentials) for use by a program that will access a database running on one of companyâs networks.

Download Policy Template

Technology Equipment Disposal Policy

Defines the requirements for proper disposal of electronic equipment, including hard drives, USB drives, CD-ROMs and other storage media which may contain various kinds of company data, some of which may be considered sensitive.

Download Policy Template

Information Logging Standard

Defines the specific requirements for information systems to generate appropriate audit logs that will integrate with an enterprise's log management function.

Download Policy Template

Lab Security Policy

Defines requirements for labs (both internal and DMZ) to ensure that confidential information and technologies are not compromised, and that production services and interests of the organization are protected from lab activities.

Download Policy Template

Server Security Policy

Defines standards for minimal security configuration for servers inside the organization's production network, or used in a production capacity.

Download Policy Template

Software Installation Policy

Defines the requirements around installation of third party software on company owned devices.

Download Policy Template

Workstation Security (For HIPAA) Policy

Defines the requirements to ensure the the HIPAA Security Rule âWorkstation Securityâ Standard 164.310(c) can be met.

Download Policy Template