Professional Documents
Culture Documents
Secure Engineering Principles
Secure Engineering Principles
Secure Engineering Principles
ENGINEERING
PRINCIPLES
1
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Secure Engineering Principles
Version Control
Owner Version Edited By Date Change History
IS Rep 0.1 Assent 14/07/2016 First Draft
Distribution
Held Format Location Comments
By
User Digital / Physical
Status
X Status Approved By Date
Working DD/MM/YYYY
X Draft
Provisional Approval
Publication
Classification
X Confidential
Restricted
Unclassified
Relevance to Standard
License
2
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Contents
3
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Secure Engineering Principles
1.0 Overview
This policy sets out the organization’s approach to engineering secure systems.
2.0 Policy
4
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Assume that external systems are insecure.
5
© Distributed by Resilify.io under a Creative Commons Share Alike License.
Isolate public access systems from critical resources.
6
© Distributed by Resilify.io under a Creative Commons Share Alike License.
3.0 Related Policies
Password Policy.
Access Control Policy
Patching Policy
http://en.wikipedia.org/wiki/Security_engineering#Web_applications
http://msdn.microsoft.com/en-us/library/ff648105.aspx
7
© Distributed by Resilify.io under a Creative Commons Share Alike License.