Computer Crime Research Center

library/img13.jpg

Electronic Pearl Harbour

Date: October 15, 2003
Source: Computer Crime Research Center


Page 1 2
... should be the minimum due diligence for IT governance – but we are nowhere near that now,” says Caelli. “I am very pessimistic that boards of directors will head the call to up the ante on computer security.”


WHAT TO DO TODAY



Begin investigating the next generation of secure technology, such as Trusted Solaris Version 8, SE Linux or Hewlett-Packard VirtualVault.


Be wary of Web services. Get clear answers from vendors on security. Take up a watching brief on Web services and do not commit until you are absolutely certain your solution will be secure.


Commit to educating and training IS staff on IT governance including the possible legal obligations that may result from IS system failure.


SECURITY: WHAT ELSE CAN YOU DO?

Initiate a review of your firewalls and check the current rule sets in the firewall.


Check the position of the firewalls in the network and ensure it sits in front of any routers and switches. It should be the primary entry point to your organisation.


Make sure you’re up to date on all patches.


Designate responsibility for security and ensure that this person is given training and the clout to be effective.


Join AusCert (www.auscert.org.au).
Page 1 2
Add comment  Email to a Friend

Discussion is closed - view comments archieve
2005-09-02 05:53:45 - Your blog is very interesint Gergana
Total 1 comments
Copyright © 2001-2024 Computer Crime Research Center
CCRC logo