APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

How to respond to a Security Incident

The first thing that an organization needs to understand is exactly what constitutes an incident, what incidents are reportable and what actions they need to take when an incident occurs. The purpose of an incident response plan is to respond, investigate and report any abnormal activities that deviate from approved or expected practices on your organization's information system resources. Your plan should include a description of a security violation, a security incident and an example of when a technical vulnerability causes or could cause one or the other.

Title Last Comment
Protect your Laptop with TrueCrypt  
- Truly affordable hard drive, laptop and USB Drive encryption software for your business critical data -

Recovery Time Objectives  
- The RTO is a goal or an ideal time in which you need a specific resource or service to be available following an interruption or outage. In essence -

Insider Threat  
- An enormous threat exists within each and every organization. -

Vendor Management Techniques  
- Risks of granting system access to a third-party provider -

Security Information Management (SIM) solutions  
- Automating log analysis for IT governance and the establishment, monitoring, and enforcement of IT and business policies. -

Endpoint Security  
- Enforcing endpoint security to better protect and secure remote access to your infrastructure -

PCI DSS and ISO 17799  
- differences between the ISO 17799 and PCI DSS information security standards -

Security and Trust  
- Last month's data breach disclosure from retail giant TJX Companies will have a far-reaching impact on their branding for years to come. We still refer to the BJ's Warehouse data breach from 2 years ago and last year's ChoicePoint incident. One of the major lessons that must be learned from these breaches is the impact of security and privacy on brand reputation and customer loyalty. To back up the assumption that security can be a competitive advantage or detractor for a business, one should read the following study called "Secure the Trust of Your Brand". -

Did TJX act properly?  
- Did TJX take appropriate steps after their data infrastructure was breached? -

Browser Security  
- Improving Browser Security: Scandoo is a free service from ScanSafe that delivers safer Internet searches. Acting as a virtual search detective, Scandoo adds an icon next to each resulting link so you can tell at a glance whether it leads to a good site, suspect site or a bad site. This site works for Internet Explorer and Firefox. -

Choosing an information security services provider  
- tapping into a security service provider might be the best way to protect your company -

Hardening your perimeter  
- techniques available to harden or secure your network perimeter. -

AIX Operating System Hardening Procedures & Security Guide  
- System Hardening Procedures for AIX using the principle of least privilege. If the user does not need the service, they are not allowed to access that service. -

How to respond to a Security Incident  
- Should you experience a security incident, how you respond is critically important. You may need increased computer security efforts. -

ASP's and security  
- A growing number of companies are using software hosted by application service providers. That means that business information is running on systems managed by a third party and accessed over a virtual private network (VPN) or over the Internet using secure socket layer (SSL). -

HIPAA Security Rule gap analysis  
- Important details to be aware of in HIPAA regulations. A gap analysis can help you meet this regulation. -

Wireless Network Security  
- Wireless networks are not just popular and convenient for mobile computer users. Crackers are finding them an easy target to gain entry into corporate networks. Digital intruders are compromising defenseless air space at corporations, public hot spots and homes to gain illegal entry to computers. A hot spot is an area within range of a wi-fi antenna, which allows internet access or network connectivity to happen by sending the packets via radio waves. -

- Phishing, also called "carding," is a high-tech scam that uses spam to deceive consumers into disclosing their credit card numbers, bank account information, Social Security numbers, passwords, and other sensitive information. -

Hardening your Perimeter  
- If your router is compromised, you are open to attack. Learn how to minimize your risk and maximise protection. -


Security Analysis and Audit  
- Security Analysis and Audit, a systematic, measurable technical assessment of how a security policy is employed at a specific site. -

Employee Monitoring   2013/02/07 MIkeadams
- It is estimated that employee Internet misuse and abuse causes over four billion dollars in lost work productivity. -

- If you use a high speed connection, there are hundreds of "crackers" out lurking on the internet, looking to get a remote-access trojan horse or listener installed on your system, access it and find out what's on it. This isn't an exception anymore. Trojans and worms using trojan elements are the new viruses of the Internet. A trojan infection can allow total remote access to your computer by a third party. -

I don't need no stinkin patches!!  
- Security experts agree that, by providing updated patches to your environment, up to 80% of known exploits and vulnerabilities would be rendered trivial. -

Windows RPC flaw  
- An attack tool, also known as an autorooter, is being used to compromise Windows servers -

Fortinet FortiGate-50 - What Network Security should be  
- Fortinet FortiGate-50 - What Network Security should be -

AIX Secure Image Installation Procedures  
- NOTE: Screenshots are from an ASCII installation of AIX 5.1 using Windows HyperTerminal. -

GIAC Enterprises Goes Cyber!  
- GIAC Enterprises will make every concerted effort to follow a best practices policy with regard to its network topology. -

Poly (morphic) want a server Runaway worm  
- Worms that are active will be able to 'learn' and change characteristics as they spread from system to system. -

Browser Hijacking  
- Browser Hijacking. None of this has to happen. Beyond the usual benefits of running an up-to-date antivirus software and firewall program and regularly downloading Microsoft's critical updates, two of the biggest security flaws behind browser hijacking can be fixed with a pair of quick downloads and a third can be remedied by installing a better browser. -
