Week 3 of the SANS top 20 covers creating secure default setups for software, servers, and end user systems. The tricky part here is defining what is standard, safe and secure. However, if you have a good idea of the hardware and software present, which you should at this point, this becomes a lot simpler of a task. You can start by asking questions about what is present on your network. In my opinion you should know generally who and uses what software and why. I'm not advocating knowing the ins and outs of all software present on your network, but merely being aware of the primary users are. Secondly do some research! You can go to sites such as the Center for Internet Security and the NSA to look for details on configurations of some systems. The great thing here is that once you get a template you can copy it! Microsoft also has a built in base line security analyzer. This allows you to know the status of your Microsoft systems. In addition if you are using Spiceworks or another tool to monitor your network, you can scan for new software or hardware! You can also set switches and wireless access points up to deny unknown mac addresses. I also recommend an annual review of the corporate firewall. In addition develop a process for making changes. This can be as simple as a log that states when the change was made, who made the change, and why! Lastly Sans has intrusion detection worksheets, these sheets allow the creation of an automated baseline of systems. It gives you something to compare systems to if an issue occurs.
No comments:
Post a Comment