Preview

Policy Monitoring and Enforcement Strategy: The SANS Institute

Good Essays
Open Document
Open Document
577 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
Policy Monitoring and Enforcement Strategy: The SANS Institute
Management of a 7,000 strong organization strung across 35 locations is an enormous undertaking. The possibility of abuse of company 's resources is a real risk "that can lead to regulatory noncompliance" (Johnson, 2011). To ensure the company 's profitability and survivability would need strict enforcement of security policies. The two most monitoring and enforcement policies I would be most concerned about is, Access Control, and virus protection. The monitoring regulations I would rely on for this activity are audit trails provided by logs, and ISO 27001/27002 (formerly ISO 17799:2005), ITIL and NIST SP-800 53 " Recommended Security Controls for Federal Information Systems" standards. Logs are a great monitoring tool that provides a record of events. As such, I need every occurrence to be logged, tracked and reported on. For each entry, I want to know "what" occurred, "when" it occurred, and "who" or what cause it. Monitoring compliance would allow me to: (1) "Detect and correct violations (2) Provide evidence to support enforcement actions (3) Evaluate program progress by establishing compliance status (4) Provide case studies for staff training (The SANS Institute, 2012). At each location I would nominate ISS enforcement officers who will be held responsible for monitoring and enforcement strategies to ensure that employees act in according with acceptable use policies (AUPs), set forth by management to ensure the organization assets are protected. Sguil (pronounced sgweel) is one of the best GUI monitoring tool around I would use that provides "real time events, sessions data, and raw packet captures." It facilitates seamless analysis, as when an alert that needs more investigation has been identified, it makes a decision on how to handle the situation. Sguil uses a backend database for most of its data, which allows users to perform SQL queries against several different types of security events (The SANS Institute, 2012). For access control, I would use


References: Johnson, Rob. with Merkow, Mike. Security Policies and Implementation Issues. First Edition. Copyright © 2011by Jones & Bartlett Learning, LLC, an Ascend Learning company The SANS Institute (2012). Logging and Monitoring to Detect Network Intrusions and Compliance Violations in the Environment: http://www.sans.org/reading-room/whitepapers/detection/logging-monitoring-detect-network-intrusions-compliance-violations-environment-33985
Continue Reading
View Writing Issues

You May Also Find These Documents Helpful

  • Better Essays

    Kudler Fine Foods IT Security Report FINAL WEEK 5
    • 2101 Words
    • 8 Pages

    Kudler Fine Foods IT Security Report FINAL WEEK 5

    Whitman, M., & Mattord, H. (2004). Information Security Policy. In Management of information security(Fourth ed., p. 154). Boston, Mass.: Thomson Course…

    • 2101 Words
    • 8 Pages
    Better Essays
    Read More
  • Powerful Essays

    Omega Perimeter Design Project
    • 2606 Words
    • 11 Pages

    Omega Perimeter Design Project

    Main Security Concerns: As a rapidly growing business that primarily utilizes IT resources for intranet company communications between and among a single home office and three satellite offices; internal network access controls and remote employee user’s access controls seem to be of primary importance. Priority number one should be hardening and the safeguarding of access and data integrity of the Oracle database servers housed as the main office in Reston, VA. And separately at the San Diego satellite office A comprehensive security policy will be developed and approved by management that will detail the specific guidelines administrators must follow when allowed admin access to company IT resources and services, and when and how those permissions should be denied or allowed. Additionally, auditing and logging of critical events should be implemented utilizing a reliable SEIM (Security Information and Event Management) system. Moreover, control of user access from remote sites via the company intranet via VPN’s and remote access via RADIUS should be strengthened and monitored for both qualitative and quantitate analysis and measuring. Cryptographic techniques will be enhanced and login and password requirements will be strengthened. Of significant importance is the company web presence and corporate access to its knowledge base portal within the company intranet. The company web presence is of vital importance to allow customers to access information concerning the company’s products and services. The knowledge portal is vital for company employees to have access to propriety information while protecting their confidentiality, integrity, and availability of the data. We will separate and hardened both the web server and the knowledge portal via…

    • 2606 Words
    • 11 Pages
    Powerful Essays
    Read More
  • Satisfactory Essays

    IT255 Project 1
    • 663 Words
    • 2 Pages

    IT255 Project 1

    At Richman Investments the personnel is accountable for the appropriate use of IT assets. Therefore, it is in the best interest of the organization to ensure employees handle security procedures with integrity. It is essential to create a strong AUP (Acceptable Use Policy) procedure and as part of the process, require employees sign an agreement to guarantee they understand and conform to implemented rules and regulations. In addition, the company will conduct security awareness training, annual security exercises, notices about securing information, and constant reminders security is everyone’s responsibility.…

    • 663 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    It244 R Appendix E
    • 650 Words
    • 3 Pages

    It244 R Appendix E

    Describe the policies for securing the facilities and the policies of securing the information systems. Outline the controls needed for each category as relates to your selected scenario.…

    • 650 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    Wk 5 Chapter 11 & 13 Learning Check
    • 627 Words
    • 3 Pages

    Wk 5 Chapter 11 & 13 Learning Check

    Before any strategy takes place, an auditor must determine the end result desired from the Information Technology being used as well as the type of technology being dealt with. The most important thing is security thus it is vital to know this technology in and out to be able to determine its strengths and weaknesses. This allows for proper compensation to combat such attacks whether they are fraudulent or accidental in nature. It is necessary to be familiar with different types of proven viable internal control setups to properly test and gage an IT’s internal control system. There are three different strategies use when testing internal controls. First includes assessing the controls using user control information. In this strategy, an auditor would gather computer-generated reports and compare those to all documentation on specific transactions. This process is also known as auditing around the computer because it deals with more hard copy documents. The next strategy entails using application controls to determine the level of risk…

    • 627 Words
    • 3 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    Com 135 Week 5 Analysis
    • 678 Words
    • 3 Pages

    Com 135 Week 5 Analysis

    Three complete security policies. Use the Week 5 writing assignment as your starter policy for this section.…

    • 678 Words
    • 3 Pages
    Satisfactory Essays
    Read More
  • Satisfactory Essays

    NT2580
    • 331 Words
    • 2 Pages

    NT2580

    Given a list of policy violations and security breaches, select three breaches, and consider the best options for controlling and monitoring each incident. Identify the methods to mitigate risk and minimize exposure to threats or vulnerabilities.…

    • 331 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    NT2580 Unit 5 Testing and Monitoring Security Controls
    • 563 Words
    • 3 Pages

    NT2580 Unit 5 Testing and Monitoring Security Controls

    Log Files contain complete records of all security events (logon events, resource access, attempted violations of policy, changes in system configuration or policies) and critical system events (service/daemon start/stop, errors generated, system warnings) that can allow a admin to quickly discover the root cause of any issues.…

    • 563 Words
    • 3 Pages
    Good Essays
    Read More
  • Good Essays

    It 205 Week 3 Assignment
    • 667 Words
    • 2 Pages

    It 205 Week 3 Assignment

    Here are some of the tools that as owner should be in place, one is Access control it consist of all the policies a company uses to prevent improper access to systems by unauthorized insiders and outsiders. To gain access a user must be authorized and authenticated. Another tool is a firewalls they prevent unauthorized user from accessing private networks. There are a number of firewall screening technologies, and applications, including static packet filtering, stateful inspections, Network Address Translations and application proxy filtering they are often used in combination to provide firewall protection. Others are antivirus and antispyware software, which are designed to check computer systems and drives for the presence of computer viruses and eliminates the virus…

    • 667 Words
    • 2 Pages
    Good Essays
    Read More
  • Powerful Essays

    INF 325 Week 1: A Case Study
    • 2472 Words
    • 10 Pages

    INF 325 Week 1: A Case Study

    Olzak, T. & Bunter, B. (2010, May 07). Security basics - components of security policies. Bright…

    • 2472 Words
    • 10 Pages
    Powerful Essays
    Read More
  • Powerful Essays

    Nt1310 Unit 1 Assignment 1
    • 1434 Words
    • 6 Pages

    Nt1310 Unit 1 Assignment 1

    A popular saying is, “inspect what you expect,” and this is definitely true in the area of IT information security auditing. The goal should not be to catch rule breakers, but rather to work with IT and the business to ensure nothing slips through the cracks and that solid practices are always followed. Doing this will go a long way to ensuring and maintaining the expected information security policy of the…

    • 1434 Words
    • 6 Pages
    Powerful Essays
    Read More
  • Good Essays

    Unit Btec Diploma It
    • 950 Words
    • 4 Pages

    Unit Btec Diploma It

    Audit logs: Audit logs allow computer administrators to get a good idea of where visitors are coming from, how often they return, and how they navigate through a site…

    • 950 Words
    • 4 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    LAB 4 Using Group Policy Objects And Microsoft Baseline Security Analyzer
    • 386 Words
    • 2 Pages

    LAB 4 Using Group Policy Objects And Microsoft Baseline Security Analyzer

    Proper management control need to be in place in an organization to govern the level of…

    • 386 Words
    • 2 Pages
    Satisfactory Essays
    Read More
  • Good Essays

    Testing and Monitoring Security Controls
    • 588 Words
    • 3 Pages

    Testing and Monitoring Security Controls

    Log Files encompass complete records of all security events (logon events, resource access, attempted violations of policy, and changes in system configuration or policies) and critical system events (service/daemon start/stop, errors generated, system warnings) that can allow an administrator to quickly discover the root cause of any issues.…

    • 588 Words
    • 3 Pages
    Good Essays
    Read More
  • Satisfactory Essays

    Testing and Monitoring Security Controls
    • 564 Words
    • 2 Pages

    Testing and Monitoring Security Controls

    Given the following list of end-user policy violations and security breaches, select three breaches and identify strategies to control and monitor each event to mitigate risk and minimize exposure.…

    • 564 Words
    • 2 Pages
    Satisfactory Essays
    Read More

Related Topics