Security Basics mailing list archives
Re: best place for IT Security team in the company organisation
From: SherpaJoe <sherpajoe () gmail com>
Date: Thu, 09 Aug 2007 14:47:25 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 1 - Security roles do not necessarily administer the controls, rather security establishes (sec specific SOPs (practice & policies)) and they monitor the controls to tweak and dial as compliance or environmental wind changes. (e.g. Server administrators apply the "policy", not the sec. officer) To answer your question regarding the proposition to move the 'firewall and vpn' administrators in the telcom data direction; it is not without merit. It would be the sec team who establishes the policies and ensures they are maintained(administered) appropriately while the administrators handle the tactical role of the day to day. Policy should supersede petty control politics and guide day to day practice. (hee.hee: where I work our policy has the admins monitoring the controls and reporting as a sec dss (decision support service)... we keep things honest with routine audits... again practice as a policy derivative. 2 - Dido Pascal's comments. .Joe -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFGu4ttpcYWM8lb/XwRAgqqAJ9fVsavbmFSKy1OOyf7koPKh8M6nACeNUW0 srNF5ga/RtDUwXbl6S78VUk= =/YTC -----END PGP SIGNATURE-----
Current thread:
- best place for IT Security team in the company organisation soul (Aug 08)
- Re: best place for IT Security team in the company organisation Kenneth Swain (Aug 08)
- RE: best place for IT Security team in the company organisation William Shepherd (Aug 08)
- RE: best place for IT Security team in the company organisation Mngadi, Simphiwe (SS) (Aug 13)
- <Possible follow-ups>
- Re: best place for IT Security team in the company organisation pks (Aug 09)
- Re: best place for IT Security team in the company organisation SherpaJoe (Aug 10)
- Re: best place for IT Security team in the company organisation Doug Schlachta (Aug 10)