OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Cat amongst the Pigeons
From: Fisher, Lee (Lee_FisherNAI.COM)
Date: Wed Jul 19 2000 - 03:38:47 CDT

< Virus Control >
Software Deployment
Update Management
Report management

Lee Fisher
Systems Engineer,
AntiVirus and Information Security Specialist
Member of the AVERT
For United Kingdom and South Africa
Network Associates.

-----Original Message-----
From: IN0M [mailto:inomOZEMAIL.COM.AU]
Sent: 18 July 2000 12:58
To: FOCUS-MSSECURITYFOCUS.COM
Subject: Cat amongst the Pigeons

A question broad may it be, but here goes. If you had to name say 10 to 15
major areas for site security what would they be and what sub sections would
you add.
 Here are my thoughts so far although by no means the final list and in no
particular order. Any input would be greatfuly accepted

< Users >
Passwd
Access
Passwd aging
Account Management's

< Systems >
Patches
Security Advisories
Up dates

< Applications >
Data Bases
Design
Patches

< Encryption >

< Security Procedures >
Implementation
Hardening
Auditing
Controls

< Back ups >
On Site Security
Off Site Security
Reliability

< Web Servers >
CGI
Patches
Exploit monitoring

< Mail Servers>
Patches
Exploit monitoring

< Education >
User
IT Staff

< Virus Control >
Updates

< Email >
Intellectual Property theft

< firewalls >
Rules
Log Monitoring

< Routers >

< Ports >

< Services >

< Internal Threats >
Bad setup
Rouge Admin/Staff

< Non IT Management >

< Funds >

     Please feel free to add or delete or send mesages of stupidity to me.
Thanks
Peter Mercer
Sydney Australia