Home page logo

basics logo Security Basics mailing list archives

RE: Best practices for a small business's security
From: "Jason Balicki" <kodak () frontierhomemortgage com>
Date: Mon, 29 Dec 2003 16:07:37 -0600

I am looking for best practices or an outline to follow for 
helping a small 
company to secure their business.  I've found many resources on the 
technical aspects, but am hoping for suggestions for websites or books 
covering the business aspects as well.  Any help would be much 

I have no idea how useful it is yet, but I'm currently evaluating
the CERT OCTAVE-S program.  It appears to be what you're looking
for.  The guides are free and downloadable.  The full OCTAVE program
is for huge companies, but the OCTAVE-S program is for small (less than
a hundred or so employees) businesses.  It's still overkill for a
mom & pop shop, but it's something.

It's designed to put the IT people and the business people in a room
and work out a site-specific security policy, to evaluate current
weaknesses and to lay out a security implimentation plan.

OCTAVE-S is currently at version 0.9, and version 1.0 is expected

Check it out:




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]