The glossary below contains many of the terms you will find in common use throughout the Symantec Security Response website. Please refer to this list to find definitions of terms and answers to other Internet security-related questions.

security policy

A set of security modules, such as the rules for constructing passwords or the ownership of a system’s start-up procedures. Policies establish which users can access certain information, and point to the standards and guidelines that describe the necessary security checks.

A combination of all the security rules and settings that have been applied to a specific group to protect an enterprise’s computing integrity. Security policies can include rules concerning the permitted applications, connection type, VPN, Ethernet, wireless, and any other restrictions or specifications that an organization wants to enforce. See also OS Protection, firewall rule, Host Integrity policy.

A company's formal declaration of its security goals and how it will meet those goals. At its most fundamental level, a security policy is an organization of controls that is designed to reduce risk, demonstrate fiduciary responsibility, and satisfy regulatory codes.