Best Practices For Department Server and Enterprise System ...

More documents

Recommendations

Info

DatabaseSecurityThere are currently minimumsecurity configurations for 14 typesof systems. There are also toolsavailable to test systems against thebenchmarks -http://www.cisecurity.org/index.htmlHave a security assessmentperformed on the system that willcontain the database.Establish accounts for eachindividual user and grant theappropriate level of access necessaryto perform job.Ensure that each user isauthenticated before access isgranted.Have process in place to clean upaccounts once the user no longerrequires access to the database.Update patches, subject to changemanagement process, on the systemas they become available and afterpatches have been tested in a nonproductionenvironmentEncrypt information stored in thedatabase.There are currently minimum securityconfigurations for 14 types of systems.There are also tools available to test systemsagainst the benchmarks -http://www.cisecurity.org/index.htmlHave a security assessment performed on thesystem that will contain the database.Establish accounts for each individual userand grant the appropriate level of accessnecessary to perform job.Ensure that each user is authenticated beforeaccess is granted.Have process in place to clean up accountsonce the user no longer requires access to thedatabase.Update patches, subject to changemanagement process, on the system as theybecome available and after patches have beentested in a non-production environmentEncrypt information stored in the database.Page 4 of 8
Enable auditing and logging featureson the system to capture pertinentinformation pertaining to all useractivities.Enable auditing and logging features on thesystem to capture pertinent informationpertaining to all user activities.NetworkSecurityMonitor network for maliciousand/or abnormal activityApply patches to network devices,operating systems, and software onnetwork subject to changemanagement process.Monitor network for malicious and/orabnormal activityApply patches to network devices, operatingsystems, and software on network subject tochange management process.Encrypt transmissions that containsensitive and/or confidentialinformation.Regularly review logs from networkdevices such as VPN, Routers, IDS,IPS, and Firewalls for suspiciousactivity.Update IDS/IPS signatures regularlyEnsure strong passwords are set andchanged regularly on routers.Remove default passwords from allnetworking devices.Disable all unnecessary services onnetwork devices.Encrypt transmissions that contain sensitiveand/or confidential information.Regularly review logs from network devicessuch as VPN, Routers, IDS, IPS, andFirewalls for suspicious activity.Update IDS/IPS signatures regularlyEnsure strong passwords are set and changedregularly on routers.Remove default passwords from allnetworking devices.Disable all unnecessary services on networkdevices.Page 5 of 8
Page 1: Best PracticesFor Department Server
Page 6 and 7: Use stronger more secure protocolst
Page 8: Title:_____________________________

Best Practices For Department Server and Enterprise System ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?