Copyright(c) Management Analytics, 1995 - All Rights Reserved


Table of Contents

1.  Introduction
1.1  Purpose of this Work
1.2  Audience
1.3  Definitions
1.4  Related Work
1.5  Scope
1.6  Why Do We Need Security Policies and Procedures?
1.7  Basic Approach
1.8  Organization of this Document
2.  Establishing Official Site Policy on Computer Security
2.1  Brief Overview
2.2  Risk Assessment
2.3  Policy Issues
2.4  What Happens When the Policy Is Violated
2.5  Locking In or Out
2.6  Interpreting the Policy
2.7  Publicizing the Policy
3.  Establishing Procedures to Prevent Security Problems
3.1  Security Policy Defines What Needs to be Protected
3.2  Identifying Possible Problems
3.3  Choose Controls to Protect Assets in a Cost-Effective Way
3.4  Use Multiple Strategies to Protect Assets
3.5  Physical Security
3.6  Procedures to Recognize Unauthorized Activity
3.7  Define Actions to Take When Unauthorized Activity is Suspected
3.8  Communicating Security Policy
3.9  Resources to Prevent Security Breaches
4.  Types of Security Procedures
4.1  System Security Audits
4.2  Account Management Procedures
4.3  Password Management Procedures
4.4  Configuration Management Procedures
5.  Incident Handling
5.1  Overview
5.2  Evaluation
5.3  Possible Types of Notification
5.4  Response
5.5  Legal/Investigative
5.6  Documentation Logs
6.  Establishing Post-Incident Procedures
6.1  Overview
6.2  Removing Vulnerabilities
6.3  Capturing Lessons Learned
6.4  Upgrading Policies and Procedures
7.  References
8.  Annotated Bibliography
8.1  Computer Law
8.2  Computer Security
8.3  Ethics
8.4  The Internet Worm
8.5  National Computer Security Center (NCSC)
8.6  Security Checklists
8.7  Additional Publications
9.  Acknowledgements
10.  Security Considerations
11.  Authors' Addresses