PaulDotCom mailing list archives
Re: IT Security Topics for Small Business
From: TheTolik <thetolik () yahoo com>
Date: Fri, 7 Dec 2012 06:23:51 -0800 (PST)
Thank you, everyone, for your input! Very valuable feedback, great ideas, great contributions. I anticipate starting the major efforts on this early next year, and look forward to getting a live document going on this which can be shared and used collectively. Andy | oxbeef ________________________________ From: Arch Angel <arch3angel () gmail com> To: pauldotcom () mail pauldotcom com Sent: Monday, December 3, 2012 6:59 PM Subject: Re: [Pauldotcom] IT Security Topics for Small Business Andy, I would like to commend you on this thread, and I hope you compile the list to share with others. I think a wonderful project would be for the community to pull together and compile either an open documentation project or baseline of guidelines with helpful links and suggestions such as this. With that being said... I would also consider Disaster Recovery (DR) as well, I know it is not directly security related but the off-site data, and/or data in transit is vital; should be considered in my opinion. All the previous mentions are spot on and well recommended! While others have mentioned areas of interest I would like to throw out some vendors/solutions I think would be helpful to small businesses with a limited budget but must comply or simply have better security. 1. Security Awareness and High Level Training 1. Community could come together and build this training and share it 2. Email Etiquette, Email Threats, and Email Security 1. Consider US-CERT Alerts, or other notifications 2. Community could also come together and build an Email Etiquette/training program and share it 3. Network and System Vulnerability Scanning/Patching 1. OpenVAS 2. Nessus 4. Network Security (Firewalls) 1. pfSense 2. Smoothwall 3. Monowall 4. Linux w/iptables 5. Backups and Backup Security 1. CloneZilla (budget purposes) 6. Wireless and WiFi Security 1. Alpha cards, with Kismet 1. Save files as XML, then parse and dump into a database for recall later 7. System Security, AV/HIPS 1. OSSEC 2. Microsoft Security Essentials or Microsoft Forefront 8. Sensitive Information and Applicable Laws, Regulations, and Compliance Requirements 1. The community could come together and build a list of useful links compliance information, etc. I know this may not be as helpful as others, but I hope it helps a little. - Robert (arch3angel) On 12/2/12 10:57 AM, TheTolik wrote: I am working on creating a guide to IT Security to help companies without or with a minimal IT budget protect themselves and their customers, and am looking for community's input into the topics that should be discussed.
I also see a lot of value in including recommendations for applicable tools/technologies that are easily accessible, easy to use, and yet effective, with strong affinity towards open source, and therefore would be very appreciative for input on per-topic basis. So far in regards to the topics, I have (In no particular order) - Security Awareness and High Level Training - Account Management / Password Management / Local Admin Rights - Email Etiqute, Email Threats, and Email Security - Network and System Vulnerability Scanning/Patching - Network Security (Firewalls) - Backups and Backup Security - Wireless and WiFi Security - System Security, AV/HIPS - Website Security and Web/Application Security Testing - Sensitive Information and Applicable Laws, Regulations, and Compliance Requirements Any valuable input would be greatly appreciated. Thanks, Andy | oxbeef _______________________________________________
Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- IT Security Topics for Small Business TheTolik (Dec 02)
- Re: IT Security Topics for Small Business Steven Perez (Dec 02)
- Re: IT Security Topics for Small Business TheTolik (Dec 02)
- Re: IT Security Topics for Small Business Bugbear (Dec 02)
- Re: IT Security Topics for Small Business Hevnsnt (Dec 02)
- Re: IT Security Topics for Small Business allison nixon (Dec 02)
- Re: IT Security Topics for Small Business Hevnsnt (Dec 02)
- Re: IT Security Topics for Small Business gold flake (Dec 02)
- Re: IT Security Topics for Small Business Conrad Constantine (Dec 02)
- Re: IT Security Topics for Small Business Arch Angel (Dec 03)
- Re: IT Security Topics for Small Business TheTolik (Dec 07)
- <Possible follow-ups>
- Re: IT Security Topics for Small Business Herndon Elliott (Dec 03)
- Re: IT Security Topics for Small Business Bradley McMahon (Dec 03)
- Re: IT Security Topics for Small Business Josh More (Dec 03)
- Re: IT Security Topics for Small Business Brian Erdelyi (Dec 03)
- Re: IT Security Topics for Small Business Bradley McMahon (Dec 03)
- Re: IT Security Topics for Small Business Arch Angel (Dec 03)
- Re: IT Security Topics for Small Business Bradley McMahon (Dec 03)
- Re: IT Security Topics for Small Business Steven Perez (Dec 02)