Wireless Operational Security
Overview
The security policy life cycle, as suggested by J. Craig Lowery [1] in a recent white paper, is a model incorporating the following nine phases:
-
Draft. Representative committees write policies.
-
Adopt. Administration reviews and approves policies.
-
Implement. Administration defines procedures to implement the policies.
-
Educate. Users receive training about the new policies and procedures.
-
Deploy. Policies are put into effect; related technical solutions are deployed.
-
Monitor. Security team observes the computing environment for policy violations.
-
Enforce. Violators are punished as prescribed by policy.
-
Reevaluate. Policies are reviewed for continued relevance and accuracy.
-
Revise . Policies are revised as needed to keep them current, relevant, and accurate.