nanog mailing list archives
RE: OPM Data Breach - Whitehouse Petition - Help Wanted
From: "Naslund, Steve" <SNaslund () medline com>
Date: Fri, 19 Jun 2015 14:43:08 +0000
No I intentionally left those out. Here is why. If they would do small incremental work, they don’t get into the areas of congressional approval and GSA. You can just do the small incremental projects under your IT operations budgeting. There is a big misconception that everything requires congressional approval or a lot of red tape to get done, it is all about thresholds. If you wanted to replace an old obsolete switch or router, you don't need to go there. If you propose to replace 10,000 switches and routers, then you would. Steven Naslund Chicago IL
On Fri, Jun 19, 2015 at 9:55 AM, Darden, Patrick <Patrick.Darden () p66 com> wrote: Good point. It's a massive job, and sometimes it is best to look at those piecemeal. Start with small goals, and pick low hanging fruit--your example of the server room is good. Set it up with and IDS, a firewall, harden thehosts by turning off/removing unused/unneeded services, setting up tripwire, and encrypt all data on the drives,then look to password policy enforcement. Then start actively securing it (monthly audits, daily log checks, etc.). >>Doable. Then pick the next lowest hanging fruit and repeat.
You left out: Formulate Bid Solicitation team Procure funding for Bid Solicitation team Request Congressional approval for Bid Solicitation team Request funding for team to win Congressional approval of Bid Solicitation team Receive first round funding for team to win Congressional approval..... Director retires, project status in limbo New round of higher funding sought Congressional recess, projects in limbo Bid process begins, 3 of 4 are non-GSA and require further funding for new approval process After 2 years of paperwork, initial funding for 2 year old IDS v1.1 (that's what was approved!) is approved. repeat, ad nauseam
-Jim P.
Current thread:
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted, (continued)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Nick B (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted shawn wilson (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Stephen Satchell (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Damian Menscher via NANOG (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Ronald F. Guilmette (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted mikea (Jun 18)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Stepan Kucherenko (Jun 18)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Darden, Patrick (Jun 19)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Jim Popovitch (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted William Herrin (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- Re: OPM Data Breach - Whitehouse Petition - Help Wanted Jim Popovitch (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- RE: OPM Data Breach - Whitehouse Petition - Help Wanted Naslund, Steve (Jun 19)
- RE: Re: OPM Data Breach - Whitehouse Petition - Help Wanted Darden, Patrick (Jun 19)