DataSecurityPolicies.com Recommends first.org Library

The document library at first.org is an excellent resource for anyone developing data security policies and standards.

There you can find papers and presentations, a best practices guide library and a security reference index.

Best practices guides include:

Acceptable Use Policy Template
CERT-in-a-box
Checking Microsoft Windows Systems for Signs of Compromise
Checking UNIX/LINUX Systems for Signs of Compromise
CSIRT Case Classification (Example for enterprise CSIRT)
CSIRT Setting up Guide
CVSS based patch policy for enterprise (example)
Guide to Tunneling Windows NT VNC traffic with SSH2
IIS and NTS 4.0 Hardening Guide
Online Forensics of Win32 System Guide
Secure BGP Template
Secure BIND Template
Secure IOS Configuration Template
SSH Public Key Configuration Windows NT/2000/XP Guide
Windows 2000 / IIS 5.0 DMZ Hardening Guide
Windows 2003 / IIS 6.0 DMZ Hardening Guidelines

Definitely worth a look!

Tagged as: Acceptable Use Policy, Data Security Policy, Incident Response Policy, Information Security Policy, Security Policies, Security Policy, Security Standards

Leave a Comment

Previous post: Acceptable Use Policy Template

Next post: Windows Hardening Guide

Recent Data Breaches
- Citi hit by hacker group; reports no data breach
  A computer hacker group on Friday continued a wave of attacks against Brazilian financial websites, hampering the sites of Citigroup Inc. and other prominent institutions. […]
- NYSEG Offering Credit Monitoring Following Data Breach
  BUFFALO, N.Y. - We previously reported in January that NYSEG and sister utility RG&E would inform customers of the data breach involving both personal and financial information. […]
- FAQ about the VeriSign data breaches
  A VeriSign filing with the Securities and Exchange Commission reveals that the company suffered more than one data breach in 2010, raising questions about how secure the company's products are and what customers should do about it. […]
- Into the Breach: Protecting the Brand When Data Loss Is the New Normal
  Never mind all those formula Hollywood films about oddly sympathetic adolescents hacking into major government or financial computer systems. In fact, real cybercrime has overtaken terrorism as the central threat to U.S. security, according to FBI director Robert Mueller. The perpetrators may be ideological adversaries based in Iran. They may be gangsters pr […]
- Council staff private data breach
  Details of an Essex council's entire workforce are released online in a "serious security breach". […]
- Irish web firm hit by data breach
  Internet hosting company Blacknight is investigating a security breach that could have put client contact details at risk. […]
- Blancco Reduces Rising Data Breach Risk from Tablets and Smartphones with Internationally Certified Erasure Solution
  ATLANTA, January 31, 2012 /PRNewswire/ --Businesses often view data threats from mobile devices like smartphones and tablets in terms of malware, phishing, and spyware, but improper decommissioning can ... […]
- Data breach harm assessment 'more important than telling victims'
  IT professionals believe that assessing the potential harm caused by data breaches is more useful to mitigating the effects of such incidents than notifying affected individuals, according to a survey published on the day the European Union's proposed a 24-hour deadline for data breach disclosures. […]
- IT pros say data breach assessment is more valuable than notification, study says
  IDG News Service - IT professionals believe that assessing the potential harm caused by data breaches is more useful to mitigating the effects of such incidents than notifying affected individuals, according to a survey published on the day the European Union's proposed a 24-hour deadline for data breach disclosures. […]
- IT pros believe data breach harm assessment is more valuable than victim notification, study says
  IT professionals believe that assessing the potential harm caused by data breaches is more useful to mitigating the effects of such incidents than notifying affected individuals, according to a survey published on the day the European Union's proposed a 24-hour deadline for data breach disclosures. […]

Subscribe to Data Security Policies via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.
Categories
- Security Policies
- Security Standards
Information Security
- IT Security Guy
Security Policies
- Christiansen’s IT Law
Security News Feed
- Google's Android Market 'Bouncer' - Does it offer enough protection?
  A small step in the right direction. […]
- RIM's new CEO makes analyst rounds as skepticism abounds
  The conundrum for analysts goes like this. RIM could be a great value in the long run. However, there are few signs today that RIM can get its act together. […]
- Android developers can qualify for a free BlackBerry PlayBook in February
  The 2.0 update for the BlackBerry PlayBook will provide Android support and to promote this functionality RIM is holding a developer promotion. […]
- Motorola wins iCloud injunction; iPhone, iPad temporarily pulled from online store
  Apple has lost out on two counts. Not only has it suffered a blow to its iCloud service in Germany, the company has also pulled most models of its iPhone and iPad from its online stores […]
- Facebook for Android version 1.8.2 is out
  Facebook for Android version 1.8.2 is just a minor release. It fixes a few bugs and improves performance. Facebook has not given a date for when to expect the next major version of the app. […]
- Apple releases Mac OS 10.7.3 with Safari 5.1.3
  Apple has begun pushing Mac OS 10.7.3 out to users via Software Update. Here's what's changed and why you should care. […]
- Okta rounds out management team
  The on-demand identity management company names a BMC vet to head sales and an HP ArcSight exec to run engineering. […]
- Sleek BlackBerry London smartphone could challenge the iPhone
  There has been a lot of armchair quarterbacking taking place for RIM and if they can get a device like the one rumored at CrackBerry.com then they may still be in the running for the 3rd... […]
- Legal legend David Boies won't get another crack at Microsoft
  Barnes & Noble thought it had a strong defense against allegations that its Nook e-reader infringes on Microsoft patents. It even hired a legendary antitrust lawyer to lead that part of the case.... […]
- McAfee upgrades mobile security software with SMS, call blocking
  IT departments are wary of personal devices being used for work purposes out of fear of information getting lost or stolen, but could mobile security software ease their worries? […]
Data Security Policy Tags
Acceptable Use Policy Authentication Policy Business Continuity Policy Business Continuity Security Policy cloud cloud computing computer computers Computers and Internet Computers and Technology Corporate Security Policy Data Classification Policy Data Recovery Data Security Policies Data Security Policy Disaster Recovery Policy hard drive data recovery hard drive recovery Incident Response Plan Incident Response Plan Template Incident Response Policy Information Security Policy Internet Internet Security IT laptop laptop computer laptops mozy online backup online backup PC RAID data recovery Record Retention Policy security Security Breach Security Policies Security Policy Security Standards software spyware technology Vulnerability Management Policy Windows Hardening Guide Windows Hardening Standard Wireless Security Standard

tumblr stats