O'Reilly logo

WordPress 3 Ultimate Security by Olly Connelly

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Appendix C. Security Policy

A security policy is a document that does just that: it polices security. It's a foundation tool to help us in staying one step ahead of a compromised site. We like that.

These working documents can be as simple or complex as an outfit needs. At enterprise level, you'd have a legally-adjusted multi-tiered approach or, for sole bloggers, something more akin to a checklist. In any case, here are the kinds of elements to weave in:

  • Goals
  • Roles and responsibilities
  • Assets such as domains, hardware, and security tools
  • Procedures
  • Enforcement rules

Note

Isn't this overkill?

The breadth of a policy can be excessive but, for any site, writing up a policy is a smart exercise to highlight weaknesses and to nudge improvements. They may ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required