I don't know enough about it to write a policy. You need to work very closely with your IT folks so that you know what you want to block, what you want to allow through and what your systems can handle. Failure to do it right can either expose you to risks, or tie the hands of your employees.
I would suggest you consult sites such as Zone Alarms (zonelabs.com as I recall) and others commercially available and inquire with them. While they would present something which may be one-sided, you may get enough from them to do a good job with this. Also, look at the FFIEC and your regulators IT exam procedures and reference materials, then you'll also have the minimum requirements.
First published on BankersOnline.com 11/15/10
Firewall Policy
Answered by:
Question:
Our external auditor has requested that we create a firewall policy. I certainly wouldn't know where to begin. Does anybody have or know where I can get a template for a firewall policy?
Answer: