Good Policy before Security.