Please enable JavaScript.
Coggle requires JavaScript to display documents.
1.5 (1) Security Baselines (Access Standards (Inventory (Objective:-…
1.5 (1) Security Baselines
Access Standards
Inventory
Objective:- Establish and maintain an inventory
Users are expected to follow standards for managing computers connected to the network and have registered network addresses. The OS and owner should be included along with the data provided.
Malware
Objective : Install antivirus software with automatic
updating
Antivirus software with an automatic DAT file should be updated at regular intervals—no less than weekly.
Passwords
Objective : Recognize the importance of passwords
Users must use only strong passwords. The IT department should provide password guidance. Departmental accounts are created for workgroups to prevent/avoid password sharing.
Patching
Make it automatic—less work
necessary, less chance for compromise
Each machine should be configured to patch automatically for OS and basic software patching.
A process should be set up that works for the department and minimizes disruptions at inconvenient times.
Workstations should be more automated to enable system administrators the time to give servers the attention required to minimize the impact on services offered.
Minimizing services offered by systems
Eliminate unnecessary services reducing security risk and saving time in the long run
To improve basic security and minimize effort to maintain systems, workstations should offer only needed services. Many OSs are installed with services turned on. By removing services, a workstation’s chances of being compromised are reduced and security risk is minimized.
Addressing
vulnerabilities
Eliminate many vulnerabilities with
good system administration
To improve basic security and minimize effort to maintain systems, workstations should offer only needed services. Many OSs are installed with services turned on. By removing services, a workstation’s chances of being compromised are reduced and security risk is minimized.
Backups
Allow easy recovery from user mistakes
and hardware failure with backups
Backups should be made offsite for
increased security.
Standards
Standards for security may be defined:
• At a generic level (e.g., all passwords must be at least eight characters long)
• For specific machines (e.g., all UNIX machines can be configured to enforce password changes)
• For specific application systems (e.g., sales ledger clerks can access menus that allow entry of sales invoices but may not access menus that allow check authorization)
Examples are given in table 5.2