Security Best Practices
CNETAsiaWeek Magazine (Issue 15 - 16-31 August 2003)
By e-Cop
Conduct a forensic examination
A full-scale examination should be conducted to
determine the areas of weakness that hackers have
exploited, for example unpatched machines, incorrect
network placement and so on.
Following the investigations, all system information
should be preserved carefully and correctly. This is
highly recommended, as the information will be very
useful as evidence and reference in the event of legal
proceedings.
Re-establish and install the network, based on vendor's
recommended guidelines and practices
Following investigations and reports which highlight
different areas of weaknesses, ensure that the past
scenario is not repeated and re-install the system /
network in a secure manner.
Enforce additional security measures, practices and
technology where required, to ensure timely detection
in the event of future similar occurrences.
Install additional firewalls, intrusion detection systems
(IDS) and security technology to ensure the network
is secure and conforms to best practices.
Ensure the network is monitored on a 24 x 7 basis, where
incidents are responded to on time, and real-time countermeasures
are enforced on a round-the-clock basis.
Engage an independent consultant to perform regular
vulnerability assessments to ensure that the network
security posture is well-maintained and strengthened
on a regular basis.
Conduct a regular review of the organization's policies
and procedures.
Brief designated staff about the organization's response
policies and train them to follow the procedures.
Ensure security policies, procedures and processes are
reviewed on a regular basis, conforming to internationally
recognized best practices and guidelines, e.g. ISMS
and ISO 17799 / BS7799.
A good security policy will regulate and define the
rules on how the organisation manages and protects computing
resources to achieve its security objectives. In order
to cope with new intrusion threats, the organization's
security policy needs a constant review of its protection
techniques and its IT infrastructure.
In addition to guidelines and best practices, companies
should also educate their employees to ensure that everyone
has a part to play in maintaining good security. Employees
must also practice vigilance and this means keeping
a constant lookout for unusual or suspicious activities.
There must also be a continual assessment of the organisation's
security management procedures and controls.
Good security practices should also include investments
in state-of-the-art equipment and internal and external
audits of the entire security infrastructure.