Security Basics mailing list archives
Re: Windows Secure Build Checklist
From: rohnskii () gmail com
Date: 1 Mar 2009 07:27:01 -0000
This is not a Windows checklist, but it could be adapted for the high level (generic) concepts it proposes. http://www.mass.gov/?pageID=ocatopic&L=3&L0=Home&L1=Business&L2=Identity+Theft&sid=Eoca - this is a page of links relating to the new Massachusetts dat security law 201 CMR 17.00. The two items I looked at specifically were: # Small Business Guide for Formulating a Comprehensive Written Information Security Program PDF # 201 CMR 17.00 Compliance Checklist PDF After a quick read, there are some interesting provisions such as: "data security coordinator shall maintain a highly secured master list of all lock combinations, passwords and keys" (all passwords???) "current employee's user-ID's and passwords must be changed periodically" (??? user-ID's???) "visitor access must be restricted to one entry point ... shall not be permitted to visit unescorted ..." (gee, most of the office buildings I've worked in have more than one access point that could be used by visitors)
Current thread:
- Re: Windows Secure Build Checklist rohnskii (Mar 02)