alt.don SF Boss
Joined: 04 Mar 2003 Posts: 16777079
|
Posted: Sat Oct 15, 2005 3:42 pm Post subject: Top 10 security concerns |
|
|
Hi guys and gals,
I would like to get your input based on the following questions:
What are your top ten security concerns as they relate to a middle-market corporate network? This would be a network of 250-500 computers, and roughly 5000-1,000 employees. From the below noted list of projects could you rate for me please, what you would consider the top ten most important to you? For instance:
Number 1 concern = #23 (from list below)
Number 2 concern = #10 (from list below)
and so on. Thanks for your time guys!
1. I need a way to test and roll out patches quickly and easily, and need more info about possible problems that might be encountered
2. I need a way to secure email and messaging from viruses and spam
3. I need to protect the confidentiality of email, especially in regulated industries
4. I need an easy way to configure all the components required for a remote access VPN to Windows RRAS server
5. I need to protect against internal threats, both inadvertent and deliberate, including leakage of confidential company info
6. I need a way to protect insiders from social engineering threats
7. I need a way to protect from employees developing "workarounds" for security measures in order to make their jobs more convenient
8. I need to secure my single Exchange Server
9. I need to monitor all the servers and workstations on my network and get Event Log information into a central location, without having to resort to third party apps
10. I need to configure the auditing of my users' file access and alert me of unusual activity
11. I need to configure our WAPs to support WPA and to configure the required supporting network infrastructure
12. I need a way to automatically wall off client computers from the rest of the network when they get infected with worms
13. I need a way to block spyware, malware, and malicious sites at the firewall and not depend on users' browser settings
14. I need a way to support smart card logon for remote access VPN connections, and some help figuring out what hardware and software is required to make it work
15. I need Windows Update/Microsoft Update to work for networks that use authenticating Web proxies
16. I need a way to be automatically notified when an untrusted computer is plugged into trusted network segments and disable that computer
17. I need to be able to easily provision new users, including account setup, group additions, and mailbox configuration
18. I need to be able to provide my users a way to securely reset their own passwords to reduce helpdesk calls
19. I need to provide my users with the ability to manage their own distribution and security groups for communications and permissions
20. I need to provide my partners with secure access to documents over the internet
21. I need to be able to "see" the overall level of security of my environment and get more information on (or remediate) any machines that are not up to our security standards
22. I need to secure laptops/mobile devices including pocket PCs and Smartphones
23. I need to secure a single SQL server
24. I need to provide single-sign-on capabilities for my users across both Windows and Unix/Linux machines
25. I need to consolidate directories between multiple applications/environments
|
Last edited by alt.don on Fri Nov 18, 2005 10:54 pm; edited 1 time in total |
PhiBer SF Mod
Joined: 11 Mar 2003 Posts: 20 Location: Your MBR
|
Posted: Sat Oct 15, 2005 9:59 pm Post subject: |
|
|
1. (21) I need to be able to "see" the overall level of security of my environment and get more information on (or remediate) any machines that are not up to our security standards
*This is my top pick because if you can't see an overall picture of your security, what good are any of the other options?
2. (1) I need a way to test and roll out patches quickly and easily, and need more info about possible problems that might be encountered
*Non-patched machines mean higher risk of exploits, spyware infection, virus infection, etc
3. (12) I need a way to automatically wall off client computers from the rest of the network when they get infected with worms
*This mitigates the risk of complete network infection.
4. (N/A) Disaster Recovery / Business Continuity Plan / Offsite Emergency Planning
*Data is your biggest asset in I.T. (besides humans of course) and must be recoverable/available no matter what the situation.
5. (22) I need to secure laptops/mobile devices including pocket PCs and Smartphones
*Unsecure laptops and mobile devices are one of the highest threats to network security because of the lax, unenforced security policies that go along with them.
6. (23) I need to secure a single SQL server
*The SQL server may provide confidential client information (i.e. credit card and social security numbers) and needs to be locked down.
7. (18) I need to be able to provide my users a way to securely reset their own passwords to reduce helpdesk calls
*End users cannot be writing down their passwords on sticky notes nor can they be using simple passwords like "hello". This is why the concept of least privilege must be highly enforced. A compromise to one account does not necessarily mean a compromise on the network.
8. (13) I need a way to block spyware, malware, and malicious sites at the firewall and not depend on users' browser settings
*Perimeter security is a must.
9. (8) I need to secure my single Exchange Server
*E-mail confidentiality needs to be enforced to protect company secrets as well as highly classified information.
10. (2) I need a way to secure email and messaging from viruses and spam
*This too should be accomplished at the server/perimeter level, before the users get the message.
Another category I would add is diversity of defense. This means creating dissimilar layers of defense so that if an attacker knows how to bypass one layer, the next may not be quite as simple.
Last edited by PhiBer on Mon Oct 17, 2005 3:17 am; edited 3 times in total |
RoboGeek SF Mod
Joined: 13 Jun 2003 Posts: 16777166 Location: LeRoy, IL
|
Posted: Sat Oct 15, 2005 10:41 pm Post subject: |
|
|
These are not my top 10, but the top ones from the provided list...
1. I need a way to test and roll out patches quickly and easily, and need more info about possible problems that might be encountered
2. I need a way to secure email and messaging from viruses and spam
9. I need to monitor all the servers and workstations on my network and get Event Log information into a central location, without having to resort to third party apps
10. I need to configure the auditing of my users' file access and alert me of unusual activity
22. I need to secure laptops/mobile devices including pocket PCs and Smartphone
20. I need to provide my partners with secure access to documents over the internet
12. I need a way to automatically wall off client computers from the rest of the network when they get infected with worms
13. I need a way to block spyware, malware, and malicious sites at the firewall and not depend on users' browser settings
14. I need a way to support smart card logon for remote access VPN connections, and some help figuring out what hardware and software is required to make it work
The biggie is the patch rollout - since the latest patch killed Norton, spysweeper and Windows Update. And it sux because I endorse the 'update frequently' policy and this patch has cost me thousands of dollars so far fixing machines at my clients' sites.
tutaepaki Trusted SF Member
Joined: 02 May 2002 Posts: 3 Location: New Zealand
|
Posted: Sun Oct 16, 2005 9:10 pm Post subject: |
|
|
1. #22
2. #9
3. #5
4. #7
5. #12
6. #16
7. #3
8. #10
9. #20
10. #24
karkrazy Just Arrived
Joined: 14 Oct 2005 Posts: 1
|
Posted: Mon Oct 17, 2005 5:52 am Post subject: My Top 10 Security Concerns |
|
|
Hi guys,
With the list provided, my top 10 security concerns are listed below. However, I would like to add that all the major security issues have not been covered in the list given.
1. #22
2. #17
3. #21
4. #12
5. #7
6. #6
7. #5
8. #13
9. #2
10. #20
Regards
karkrazy
http://www.big4guy.com
mmkhan Just Arrived
Joined: 11 Jul 2004 Posts: 1
|
Posted: Mon Oct 17, 2005 6:41 am Post subject: |
|
|
1 (1).
2 (5).
3 (7).
4 (9).
5 (10).
6 (12).
7 (13).
8 (16).
9 (17).
10 (21).
graycat SF Mod
Joined: 29 Apr 2005 Posts: 16777195 Location: London, UK
|
Posted: Mon Oct 17, 2005 3:01 pm Post subject: Re: Top 10 security concerns |
|
|
1) 1. I need a way to test and roll out patches quickly and easily, and need more info about possible problems that might be encountered
2) 2. I need a way to secure email and messaging from viruses and spam
3) 5. I need to protect against internal threats, both inadvertent and deliberate, including leakage of confidential company info
4) 7. I need a way to protect from employees developing "workarounds" for security measures in order to make their jobs more convenient
5) 8. I need to secure my single Exchange Server
6) 9. I need to monitor all the servers and workstations on my network and get Event Log information into a central location, without having to resort to third party apps
7) 16. I need a way to be automatically notified when an untrusted computer is plugged into trusted network segments and disable that computer
8) 21. I need to be able to "see" the overall level of security of my environment and get more information on (or remediate) any machines that are not up to our security standards
9) 22. I need to secure laptops/mobile devices including pocket PCs and Smartphones
|
ok so it's only 9, but i could add about another 5 not on the list lol
aelias Just Arrived
Joined: 23 Sep 2005 Posts: 1 Location: USA
|
Posted: Tue Oct 18, 2005 11:34 pm Post subject: |
|
|
1--- #20
2----#1
3----#3
4----#4
5----#21
6----#9
7----#12
8----#5
9----#16
10---#14
rajenkins Just Arrived
Joined: 09 Oct 2005 Posts: 1 Location: Worksop, UK.
|
Posted: Wed Oct 19, 2005 10:50 am Post subject: |
|
|
I agree that the list does not fully match my concerns.
Highest priorities are:
Firewall & security on internet gateways.
Anti-virus on mail servers.
Anti-virus & anti-malware/adware etc. on client machines.
Ensuring these stay up to date.
Then:
Backups & disaster recovery capability.
Email security & ensuring policies are posted.
Provisioning new users.
Preventing users messing things up.
Secure remote access for company reps, field engineers etc.
secguide Just Arrived
Joined: 09 Feb 2005 Posts: 7
|
Posted: Wed Oct 26, 2005 5:35 pm Post subject: Security Priority List - Feedback Request |
|
|
Hi all:
Tony Bailey, Microsoft Security Solutions Product Manager here. I've been trying to validate a list of security priorities based on your input from the forum here on security-forums. This is what I have so far - in order of priorities - would really like to hear your thoughts. Is this accurate? Am I missing anything major? Are there duplicate items in the list that could be combined?
Thanks!
I need a way to block spyware, malware, and malicious sites
I need to be able to monitor the overall level of security of my environment and remediate any machines that are not up to security standards
I need a way to roll back patches quickly and easily, and need more info about possible problems that might be encountered
I need a way to secure email and messaging from viruses and spam
I need to be able to easily provision new users, including account setup, group additions, and mailbox configuration
I need to protect against internal threats, both inadvertent and deliberate, including leakage of confidential company info and employee workarounds
I need to provide my partners with secure access to documents over the internet
I need a way to automatically wall off untrusted or infected computers from the rest of the network
I need to secure my single Exchange Server
I need to be able to provide my users a way to securely reset their own passwords to reduce helpdesk calls
I need an easy way to configure all the components required for a remote access VPN to Windows RRAS server
I need to configure the auditing of my users’ file access and alert me of unusual activity
I need a way to roll out patches quickly and easily
I need to protect the confidentiality of email
I need a way to support smart card logon for remote access VPN connections, and help on what hardware and software is required to make it work
I need Windows Update/Microsoft Update to work for networks that use authenticating Web proxies
Last edited by secguide on Tue Dec 27, 2005 9:18 pm; edited 1 time in total |
AdamV SF Mod
Joined: 06 Oct 2004 Posts: 24 Location: Leeds, UK
|
Posted: Thu Oct 27, 2005 10:52 am Post subject: |
|
|
13
2
1
22
15
7
5
21
17
14
(11 comes a close 11th)
and
NOT
19. I need to provide my users with the ability to manage their own distribution and security groups for communications and permissions
rather
!19. I need to prevent my users from managing their own security groups ever, and I don't really trust them to manage distribution groups properly either.
I have included in the ten the priorities including things which might be already in place, so in some firms the "I need X" would be replaced with "I need to reliably maintain the operation of X".
It is hard to distinguish between the priority of getting something and the priority of keeping it. From a risk-management perspective the risk is of "not having it" so the two are equivalent, but it could be deemed more important to ensure that something you have come to rely on is truly reliable.