Microsoft Windows Software Update Services (WSUS)provides automated patching of Microsoft operating systems and products. The WSUS administrator can schedule categories of patches and schedule their installation. Also included is a reporting feature that can send daily reports via email to administrators notifying them of new patch releases and the status of their installation across the […]
Control 19: Data Recovery Capability
Develop a written plan that identifies all business owners and the processes needed by them to restore normal operations. Interview the business owners to better understand the dependencies needed to do their normal activities. Conduct annual tabletop exercises with each business process owner. Use mock scenarios that consider availability loss of people, facilities and technology. […]
Control 18: Incident Response Capability
Enlist all employees to report suspicious activities to the Incident Response Team (IRT). Create a dedicated phone number and email address they can use to report issues to your team. Security awareness training to enable all employees to contact help desk with suspicious issues. Monthly IRT team member training that covers the steps in the […]
Control 15: Data Loss Prevention
Data Loss Prevention (DLP) is a new trend in Information Security, but really should not be. DLP may have been a missed opportunity when Network Intrusion Detection (NIDS) was first introduced. Is it all of a sudden that data exfiltration has become important? How was this missed as a priority for so long? Define what […]
Control 14: Wireless Device Control
Wireless network access allows for better collaboration and mobility. With this relatively new medium comes an extra risk. Be sure to handle this administratively through the use of policy and user education to set clear expectations of appropriate use. Specific policy reference should be made that prohibits the use of peer to peer wireless networking. […]
Control 13: Limitation and Control of Network Ports, Protocols, and Services
Just as mentioned in Control 5 Boundary Defense, proper ingress and egress filtering should be in place. Diligently maintaining awareness of the traffic that is allowed into and out of your network is critical. SourceFire RNA Compliance Rules allow the administrator to create rules that mirror the firewall rules and alert when any other traffic […]