Security Basics mailing list archives
RE: Basic Computer Security Advice Needed
From: "Sergio Castro" <sergio.castro () unicin net>
Date: Fri, 16 May 2008 13:17:27 -0500
Hi Mark, This framework is a good place to start: http://www.isecom.org/osstmm/ Regards, Sergio -----Mensaje original----- De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En nombre de Mark Goodridge Enviado el: Viernes, 16 de Mayo de 2008 12:53 p.m. Para: security-basics () securityfocus com Asunto: Basic Computer Security Advice Needed I am what passes for the computer technology guy at a small elementary school. I'm trying to improve the security of the information we store on our computers and I hope this list can give me some advice. First, I'm looking for an appropriate definition of information security as it would apply to my situation. "If I don't know what it is, how will I know when I've found it?" Second, I need to write a policy or a checklist, or a document of some sort we can use to evaluate, monitor, and improve our computer/information security. We're constrained by time, training, and money. Any policy I devise has to be capable of being implemented and managed by people with modest computer skills (the equivalent of the CompTIA A+ or Network+) with limited time available, and for all practical purposes, no funding. I realize that under these circumstances an extremely high level of security is unobtainable and probably unnecessary in any event. What I hope to be able to do it to make the information on the LAN secure from the casual hacker and all but the most persistent attacks from those who might deliberately target our network. Can you direct me toward any resources; particularly security definitions, security frameworks, or security policies that you think might assist me? I have done the usual Google searches and come up with an overwhelming list of web sites but I was wondering if you knew of anything that specifically addressed my problem. Thank you for your assistance, Mark Goodridge __________ NOD32 3105 (20080516) Information __________ This message was checked by NOD32 antivirus system. http://www.eset.com
Current thread:
- Basic Computer Security Advice Needed Mark Goodridge (May 16)
- RE: Basic Computer Security Advice Needed Sergio Castro (May 16)
- Getting the value of an asset and the probability of a risk to it Rivest, Philippe (May 16)
- RE: Getting the value of an asset and the probability of a risk to it Sergio Castro (May 16)
- Re: Getting the value of an asset and the probability of a risk to it Jon Kibler (May 17)
- RE: Getting the value of an asset and the probability of a risk to it Craig Wright (May 18)
- RE: Getting the value of an asset and the probability of a risk to it Murda Mcloud (May 20)
- RE: Getting the value of an asset and the probability of a risk to it Craig Wright (May 21)
- Getting the value of an asset and the probability of a risk to it Rivest, Philippe (May 16)
- RE: Getting the value of an asset and the probability of a risk to it Craig Wright (May 18)
- RE: Getting the value of an asset and the probability of a risk to it Rivest, Philippe (May 20)
- RE: Getting the value of an asset and the probability of a risk to it Craig Wright (May 21)
- RE: Basic Computer Security Advice Needed Sergio Castro (May 16)
- Re: Getting the value of an asset and the probability of a risk to it Jon Kibler (May 16)