This is an automated archive.
The original was posted on /r/sysadmin by /u/Housing-Disastrous on 2024-01-19 04:38:31+00:00.
So I am a network technician that is borderline Systems admin as I work with everything IT touches and have keys to the castle. Now I’m now tasked with creating policies such as password policies and security policies the department and staff must adhere to in the case of. The two policies I need to create are for a security breach of our systems and the protocols we must follow in the case of and malware detection/infection of our systems. I Can create a password policy as that’s pretty cut and dry but security portion I’m kind of at a loss. What policies or protocols would be ideal to implement for a security breach and malware infection? I know the obvious steps such and cutting off the infected site systems and place them in quarantine, but that’s about it. Any ideas or general information is appreciated.