Home page logo
/

basics logo Security Basics mailing list archives

Re: Security Incident Handling / Organization
From: Gleb Paharenko <gpaharenko () gmail com>
Date: Sun, 15 Nov 2009 17:41:47 +0200

Hi, Tony!

I suggest you to start from defining roles and assigning them to
personnel. It is a good practice for security incidents to form ad-hoc
team, which should include IT/helpdesk specialist for technical work
and some one from management,  who has enough power for administrative
actions. Later you can allocate a dedicated persons for a roles. For
strategic IT security initiatives you might want to form a security
committee (board) in the company.

2009/11/11 Tony Raboza <tonyraboza () gmail com>:
Hi all,

Recently I posted regarding a possible "Zombie / Botnet" that I
discovered.  Anyway - my company does not have yet any IT security
group - that's why sometimes its quite hard to do incident
handling/analysis.  I am one of the Systems and Network Administrator
and IT security is a subset of our work.   We have lots of remote
offices and we have IT Helpdesk in most of them.

I'm proposing to our company that an IT security group be formed.  For example:

You have a workstation broadcasting abnormal high UDP traffic.  The IT
security group goes in and investigates.  They pull out workstation if
needed be.  IT Helpdesk issues a service unit so that user can
continue working.

Is this correct?  What do you think?  What is the recommended best practice?

Thanks.



Best,
Tony

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------





-- 
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
http://www.linkedin.com/in/gpaharenko
+380503116172

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]