Network Security IT Standard

Your organizations' network provides baseline connectivity between all end-users, computers, and storage devices. It also provides access between the organization and external networks, including both partner networks and the Internet. The information security controls which are deployed to the network are critical to the overall security posture of the organization, and failure of these controls may expose the confidential and sensitive information that the organization manages. 

Network technology and topologies are evolving rapidly. This is observed in the rapid shift to virtualization technology at the network layer as well as next-generation network devices which can be solely responsible for multiple functions such as switching, routing, packet filtering, load balancing, and traffic inspection. Specific care must be taken with such devices as a simple configuration error may have a detrimental effect on the security of the overall device, and therefore the networks that it services. In alignment with this rapidly evolving lifecycle, network security controls must be adjusting to accommodate this new functionality and services. Consequently, Network Security controls must not constrain the ability of the organization to innovate but should give a framework of controls that allows the organization to access new and innovative services in a secure controlled manner. 

This standard aims to ensure that the organization networks are designed, implemented, and managed according to good practice security standards in order to protect the organizational and IT services, whilst allowing [Company Name] to utilize innovative and evolving technologies.

This security standard applies to all the network environments. Appropriate data security controls reduce the likelihood (and impact) of data breach incidents during various phases of the data lifecycle. The purpose of this standard is to set out the rules for securing the companies' data during transmission and storage. This document provides best practice recommendations on information security management for use by those responsible for initiating, implementing, or maintaining information security management systems (ISMS).

Nowadays, with the digitalization of our society, the need for data protection became more important. The latest IT Security Standards involve the application of technology to broader social and institutional contexts, and thereby contributes to the servitization of companies, and affects how they compete and interact. This document contains security technology solutions to protect data classified as “Highly Sensitive”, “Sensitive”, “Private” or “Public” as per the Data Classification Standard and Data Handling Guidelines. Specifically: