Control 5 builds on Control 4 and is concerned with increased awareness and defense of the network boundary. To defend the boundary means you must be aware of what traffic goes through all network segments. Change control procedures that are strictly followed is also an important step toward successfully implementing this control. What can be […]
Control 3 – Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers
Control 3 builds on the previous two controls, Inventory of Authorized and Unauthorized Devices and Inventory of Authorized and Unauthorized Software. The intent of this control is to develop secure configurations for your systems and montior for any deviation from this standard. To implement this control, you must invest in some manual work in making […]
Get Wisdom as Cheaply as You Can
New details have emerged about the now famous RSA APT incident. As posted on their Security Blog and as mentioned on the SANS Internet Storm Center, it was disclosed that the incident started by phishing emails that contained a malicious attachment. This allowed the attacker to establish a foothold inside the organization. What about your […]