A Security Policy is basically an organisation’s set of cyber rules and do’s & don’ts.
In other words: “What’s allowed, what’s not, and how to react when something goes wrong.” 😎
Its main goal: protect company data, systems, and people from internal & external threats.
📘 What is a Security Policy?
In simple terms, a Security Policy is a guide.
It tells employees how to handle sensitive info, how to report incidents, and how to stay secure online.
For example:
- The rule for creating passwords
- The procedure for connecting to company Wi-Fi
- Data backup & sharing guidelines
- How to use the incident report form
Policy = Rule Book. Procedure = How to do it step-by-step.
⚙️ Why It’s Important
🧠 Think about it — if every employee acts their own way, chaos right?
So policies help everyone follow one standard path.
Main reasons 👇
- 🔒 Protect confidential data
- 🧰 Reduce human errors
- 📊 Meet compliance laws (GDPR, ISO 27001, etc.)
- 💬 Help during incidents (clear steps to follow)
- 💪 Build a strong cyber culture
Without policies, even the best tech tools can’t protect a company.
🗂️ Common Security Policies You Should Know
1️⃣ Acceptable Use Policy (AUP)
Defines how employees can use company devices, internet, and emails.
👉 Example: “Don’t install unauthorized software.”
2️⃣ Password Policy
How strong passwords should be, rotation periods, MFA rules.
👉 Example: “Min 12 characters, include symbols, no reuse.”
3️⃣ Access Control Policy
Who can access what data. Based on the need-to-know principle.
4️⃣ Incident Response Policy
What to do when a cyber incident or breach happens. (Report → Contain → Recover → Learn).
5️⃣ Data Protection Policy
Rules for storing, encrypting, and sharing sensitive info.
6️⃣ Remote Work Policy
How to safely work from home (VPN use, no public Wi-Fi, etc.)
7️⃣ Backup & Recovery Policy
Ensures data can be restored after ransomware or system failure.
🧩 Procedures — The “How-To” Part
A policy is the rule. A procedure is “how to do it properly.”
Example:
- Policy: “All incidents must be reported within 15 mins.”
- Procedure: “Go to SOC portal → Fill incident form → Notify supervisor.”
Procedures help teams react fast and consistently under pressure.
🧠 Why SOC Analysts Need to Know These
As a SOC analyst, knowing policies is not boring admin work 😅 — it’s part of your weapon set.
Because when something happens:
- You must follow Incident Response Policy
- You must check Access Control Policy before blocking users
- You must maintain logs according to Data Retention Policy
In other words, policies guide your every move, legally and technically.
🚨 Real World Example
Imagine a phishing email hits an employee.
Without a policy → panic 😬
With a policy →
✅ Employee reports via email security form
✅ SOC isolates the mailbox
✅ Forensics checks the attachment
✅ Lessons learned shared with staff
Having a policy is what saves the company.
🏗️ Building Good Policies
Good security policies should be:
- 🧾 Clear & Simple – no jargon
- 🧱 Realistic – match company size
- 🔁 Regularly Updated – threats change every month
- 🙌 Communicated – not just sitting in a PDF folder 😅
- 🔍 Audited – test if people actually follow them
🧩 Quick Checklist
✅ Do employees know the rules?
✅ Are passwords strong enough?
✅ Are backups working?
✅ Do we have a proper Incident Response Plan?
✅ Are procedures written or just “in someone’s head”?
If you said “no” to any of these — time to fix your policies 👀
💬 Final Thought
Cybersecurity isn’t only about tech; it’s also about behaviour, culture, and awareness.
Security Policies & Procedures are that foundation.
They make sure every employee becomes a part of the cyber defense wall 🔐💪