- Image via Wikipedia
There is a lot of focus on network security and application security today. Years ago it was operating system security that was all the rage. But with the advent of the strict requirements of some of the regulations such as HIPAA, PCI, SOX, and FISMA, more attention needs to be paid to the operating system. As Windows is still dominant, what are some of the features you need to be concerned with in an application?
Some key feature of a host security assessment tool are:
- Ability to quickly audit
- Ability to inventory
- Structure for classification of components
- Patch management of course
- Ability to baseline and report against the baseline
- Templates of the regulatory requirements
- Templates of different levels of security configurations
- Threat identification and classification
- User management
- Port security assessment and management
- Service and process analysis
A baseline configuration for operating system security, cover things such as patch levels, ports, services, processes, logging, policy settings and user configuration, should be the first step for any company in host security assessment and diagnostics. If you build from scratch, or don’t use a secure template, you will always be in trouble. Timely updates and reconfiguration of your baseline is necessary.
Your operating system like your network security should match your corporate business practices and procedures. Policies should be in place for this of course. Over time you should be able to benchmark your host security problems, solutions and changes.
Gary Bahadur
Address: 200 Se 1st St #601 Miami FL 33131
*Managed Security Services
*Vulnerability Management
*Compliance & Policy Development
*FREE Website Security Test
Related articles by Zemanta
- Lumension Highlights Six Critical Elements To Ensure Painless FISMA Compliance (prweb.com)
- Security vs. Compliance in the Cloud (web2.sys-con.com)
- Security Compliance Manager – beta signup now available (blogs.technet.com)