Using Reflex Disknet Pro to Aid Compliance with BS 7799 & ISO/IEC ...

More documents

Recommendations

Info

Fig. 4 By initiating an immediate log of the event and also activating an email alert (Fig. 5) to designated personnel security, incidents can be dealt with immediately. All monitored events are added to a security log on the local PC/laptop that is periodically synchronised with a central audit log. This audit log records a unique ID log number, time, the event name, whether an alert was issued, user name, host name (PC), source and message. Since audit logs by nature have a habit of growing in size very quickly, filtering is also supplied so that specific events can be viewed or incidents for a specific user or group can be viewed. 3.3. Protection against malicious software [8.3] This clause deals with the protection from computer viruses, network worms, Trojan horses and logic bombs, collectively referred to as malware. Malware at worst has the ability to destroy or alter software and information. Even in its most benign form, it can disrupt systems by replicating and sending automated emails to those addresses stored in the host computers address book. Anti-virus software can be used to detect known viruses and if kept regularly up to date, effectively this means daily at the very least, perform reasonably. However, there is always the “window of opportunity” between when a new virus or worm is released into the world and the anti-virus companies issue an update to their products that will recognise it. Protection for this period has become known as “zero day” protection, and is considered by some as the “Holy Grail” with regard to anti-virus research. RDP has the potential to offer zero day protection. Indeed, Reflex Magnetics Ltd have clients © Reflex Magnetics Ltd 10
that make use of the products zero day protection capabilities and report no virus infections. Logic bombs present a real problem for anti-virus software since a logic bomb can be targeted at a particular organisation. Therefore, the first people to see this malicious code will be the target and as such their anti-virus software will not recognise the attack. RDP’s zero day protection will also help to combat this threat. Fig.5 3.4. Controls against malicious software [8.3.1 (a) (b) (e) (f)] The standard requires that a formal policy exists requiring compliance with software licences, prohibiting the use of unauthorised software, and one that protects against the risks associated with obtaining files and software from or via external networks, or on any other medium. RDP can be used to absolutely enforce such a policy. By selecting the PSG option, which prevents the addition of any new executable files whilst locking the currently installed executables files as “read only”, software licensing is maintained since no new software can be installed without the permission of the system administrator. It does not matter where these types of file are intended to be introduced, they will be blocked. Non executable files can be subjected to a virus scan as an added precaution before the media on which they are stored is authorised for use. This will include the checking of email attachments. The PSG tab from within the profile template can be viewed at Fig. 3. © Reflex Magnetics Ltd 11
Page 1 and 2: Using Reflex Disknet Pro to Aid Com
Page 3 and 4: 6.1. SOFTWARE COPYRIGHT [12.1.2.2]
Page 5 and 6: Meeting and Retaining the Standard
Page 7 and 8: From within the RDP administration
Page 9: RDP through the use of it’s Progr
Page 13 and 14: 3.7. Disposal of media [8.6.2 (a)]
Page 15 and 16: 5.4. Change control procedures [10.

Using Reflex Disknet Pro to Aid Compliance with BS 7799 & ISO/IEC ...

Create successful ePaper yourself

Delete template?

Save as template?