Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Security Configuration Management

advertisement 
System Hardening
•
•
•
•
Security Configuration Management
•
•
•
•
NIST says SCM is:
“The management and control
of configurations for an
information system with the
goal of enabling security and
managing risk”
The ability to create, edit and manage
IT security hardening policies in a way that
fits real-world business processes and
continually balances risk and productivity
On Many Short-term Buying Lists
© 451 Group 2013
1
the #1 priority
2
2nd most effective
3rd most important
3
(& 10)
GCHQ’s New Cyber Security Guidance
GCHQ released new
“10 Steps to Cyber
Security” in Fall 2012
Focused on executive
and board
responsibility
Names Secure
Configurations as one
of the most critical
steps to achieving
an objective measure
of cybersecurity
“Configuration drift is a natural condition in every data
center environment due to the sheer number of ongoing
hardware and software changes.” – Continuity Software blog
“In less than a week,
all the configuration
controls, permissions
and entitlements that
IT spends time testing
are useless.”
– ITPCG blog
Monitors and assess critical configurations in:
• File systems
• Databases like MS-SQL, Oracle, IBM DB2 and Sybase
• Directory services and network devices
When?:
• Immediate detection of changes to critical, defense-dependant configurations
• Efficient, change-triggered configuration assessment
• Shorten time of system risk
Demonstrating Compliance:
• Document any waivers
• Document when tests went from failing to passing
• Alerted to tests going from passing to failng – within minutes or at least hours
Continually assess and remediate insecure
configurations, insuring always-hardened,
always-ready information systems and network
devices
Time
www.tripwire.com
Related documents
Supply Network Design and Product Environmental Performance
Supply Network Design and Product Environmental Performance
20090115 Assignment
20090115 Assignment
Topologically non-trivial field configurations - interplay of vortices and Dirac eigenmodes
Topologically non-trivial field configurations - interplay of vortices and Dirac eigenmodes
permutations and the 15-puzzle: exercises Peter Trapa
permutations and the 15-puzzle: exercises Peter Trapa
 All distributions of energy are equally probable 5
 All distributions of energy are equally probable 5
GEOMETRY OF MEMBRANES
GEOMETRY OF MEMBRANES
Kindergarten Mathematics Module 5, Topic C
Kindergarten Mathematics Module 5, Topic C
Indian railways scope and opportunities for research
Indian railways scope and opportunities for research
J Joint Service Lightweight Standoff Chemical Agent Detector (JSLSCAD) DOD PROGRAMS
J Joint Service Lightweight Standoff Chemical Agent Detector (JSLSCAD) DOD PROGRAMS
Consolidated Purchasing Workgroup ‐9/16/2010  Discussion of Campus Purchasing Exception Process for WCU
Consolidated Purchasing Workgroup ‐9/16/2010  Discussion of Campus Purchasing Exception Process for WCU
CSWP Notes (from Christian)
CSWP Notes (from Christian)
Document13051352 13051352
Document13051352 13051352
Download
advertisement