Security Basics mailing list archives

Re: Information Security

From: simonis () myself com
Date: 14 Dec 2007 16:35:00 -0000

Id like to assemble a toolkit both for gaining security control and
then maintaining it. Also pointers as to best practices and the like
would be most appreciated.
<<

Based on the limited information, you likely have a bigger problem than you can solve alone.  The first step necessary 
for an efffective security program isn't tools, it is agreement by management that security is necessary, which it 
seems you may not have.  Once management agrees, the next step is a policy to help everyone understand what their 
responsibilities are.  This should be clear and unambiguous.  

Only then should you think about what tools are necessary, since these tools will be technical means to enforce the 
policy.  

Do you even have the basics covered... properly managed firewalls, managed AV, etc?

Current thread:

Re: Policy enforcement- Admin accounts, (continued)
- - - Re: Policy enforcement- Admin accounts Charles Hardin (Dec 18)
    - Re: Policy enforcement- Admin accounts mgk.mailing (Dec 18)
    - Re: Policy enforcement- Admin accounts mgk.mailing (Dec 18)
    - Re: Policy enforcement- Admin accounts Micheal Espinola Jr (Dec 18)
    - RE: Policy enforcement- Admin accounts Can Deger (Dec 18)
    - RE: Policy enforcement- Admin accounts Jesse Eaton (Dec 18)
    - RE: Policy enforcement- Admin accounts Scalcione.David (Dec 17)
    - Re: Policy enforcement- Admin accounts mgk.mailing (Dec 17)
    - Discussing Microsoft Forefront security attempt WALI (Dec 24)
    - RE: Policy enforcement- Admin accounts Jesse Eaton (Dec 17)
- Re: Information Security simonis (Dec 14)
- Information Security Geoff Choo (Dec 17)