|
Security Basics
Security Incident Handling / Organization Nov 11 2009 01:32PM Tony Raboza (tonyraboza gmail com) (2 replies) RE: Security Incident Handling / Organization Nov 12 2009 10:56PM Jason Hurst (Jason Hurst PandaRG com) |
|
|
Privacy Statement |
I suggest you to start from defining roles and assigning them to
personnel. It is a good practice for security incidents to form ad-hoc
team, which should include IT/helpdesk specialist for technical work
and some one from management, who has enough power for administrative
actions. Later you can allocate a dedicated persons for a roles. For
strategic IT security initiatives you might want to form a security
committee (board) in the company.
2009/11/11 Tony Raboza <tonyraboza (at) gmail (dot) com [email concealed]>:
> Hi all,
>
> Recently I posted regarding a possible "Zombie / Botnet" that I
> discovered. Anyway - my company does not have yet any IT security
> group - that's why sometimes its quite hard to do incident
> handling/analysis. I am one of the Systems and Network Administrator
> and IT security is a subset of our work. We have lots of remote
> offices and we have IT Helpdesk in most of them.
>
> I'm proposing to our company that an IT security group be formed. For example:
>
> You have a workstation broadcasting abnormal high UDP traffic. The IT
> security group goes in and investigates. They pull out workstation if
> needed be. IT Helpdesk issues a service unit so that user can
> continue working.
>
> Is this correct? What do you think? What is the recommended best practice?
>
> Thanks.
>
>
>
> Best,
> Tony
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> ------------------------------------------------------------------------
>
>
--
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
http://www.linkedin.com/in/gpaharenko
+380503116172
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
[ reply ]