University of Washington Network Security Credo


Incidents of unauthorized access to networked computer systems in an enterprise are growing at fearful rates. The purpose of this document is to identify general design principles and practices for defending against these threats. The full spectrum of security embraces several phases: prevention, detection, and recovery, and several elements: architecture, policy and education, risk management, liability management, technical defense, and operational defense. However, this document focuses primarily on the prevention phase (including detection of vulnerabilities before they are exploited) and technical defenses.

Download Resources