The starting point for security is policy. Security policies represent the rules to be applied in the help desk environment. They determine and mandate the appropriate levels of security and must be followed rigorously.

Because the help desk itself is a technology based entity, the policies must reflect this and properly cover IT. In the case of internet/intranet based help desks, network security policies must also be included.

The policies themselves are usually published centrally, and are either developed in-house or purchased from a specialist supplier - in most cases the latter is likely. To assist, we have identified a portal which focus exclusively upon security policies: Network Security Policies and IT Security Policies.