Identification of File Integrity Requirement through Severity Analysis
|
|
- Jessie Grant
- 8 years ago
- Views:
Transcription
1 Identification of File Integrity Requirement through Severity Analysis Zul Hilmi Abdullah a, Shaharudin Ismail a, Nur Izura Udzir b a Fakulti Sains dan Teknologi, Universiti Sains Islam Malaysia, Bandar Baru Nilai, Nilai, Negeri Sembilan, Malaysia. b Fakulti Sains Komputer dan Teknologi Maklumat, Universiti Putra Malaysia, Serdang, Selangor, Malaysia. zulhilmi.a@usim.edu.my Abstract. File integrity monitoring (FIM) tool is used to mitigate integrity violation risk in an operating system and storage environment. The main challenge is to ensure the modification of related files can be detected as soon as the event occurs as fast detection can be vital to prevent further damage. However, issues on FIM is about the performance penalty result of real time monitoring. In order to minimize performance overhead, identification of file integrity requirement is proposed. Integrity requirement is important for determining the file monitoring approaches either in real time or offline. Although some of the FIM tools provide a hybrid approach of integrity monitoring, there have still required manual intervention of system administrator for system configuration in identification of specific files with its specific monitoring approach. This practice is a difficult task for system administrators and may be exposed to human error. This paper proposes the model of file integrity requirement based on file metadata information (file attributes) to assist system administrators in setting up monitoring approaches for specific files within the application system environment. The proposed model can be applied to the FIM tool and other file protection tool like anti-malware, backup and restore solution as part of the defence in depth strategy. Keywords: File Integrity, Severity Analysis, Integrity Requirement, System Security. INTRODUCTION Integrity violation for the information system assets become a major concern. Threats from viruses and other malware that has a capability in modifying the system and application files increases the risk of integrity violation [1]. Increasing numbers of new malware every day also exposed the information system assets into the integrity violation. Therefore, well known information security related standard and guideline recommends that each organization should deploy the system integrity verification for their information asset protection. The security standard council recommends that system integrity becomes part of Payment Card Industry (PCI) Data Security Standard (DSS) requirement. The requirement is very important to ensure business can be operates effectively and as intended. Requirement implementing the file integrity monitoring is part of monitoring of security controls which also included the firewalls, anti-virus, IDS and IPS have been 355
2 stated in PCI DSS document version 2.0 and version 3.0 [2]. Other well-established compliance standards that recommend the system integrity monitoring is NIST in System and Information Integrity (SI) Guidelines which stated in two main sections (SI-4 and SI-7) of the standards [9]. In NIST Special Publication Revision 4 documents, SI-7 represents an enhancement of integrity control towards software, firmware and information integrity. There are several file integrity monitoring or verification tools that provide the integrity protection services for the system and application security, such as Tripwire [3], XenFIT [4], and OSSEC [5]. There is no big issue in the detection capability of most of the establish file integrity monitoring tools since they used standard and reliable detection mechanism. Issues arise more on the monitoring approach which involve real time or periodic monitoring approach for the system file. Although highly critical applications are developed with security concern by the developer, new security vulnerabilities still cannot be predicted on the development phase. Thus, the application software remains vulnerable to security flaws and needs to be protected. It is impossible to monitor every single application file in real-time due to the high cost needed in terms of resource consumption and processing time [6]. Therefore, a proper technique and approach should be initiated to ensure only required files are monitored in real time and let other file monitored with periodic time. This scenario is very crucial to ensure only integrity critical files should be protected in real time to ensure the performance impact of the system operation is minimal. Real time integrity protection may cause a performance penalty if the implementation is not properly configured. In order to ensure effective scheduling of file integrity monitoring, we proposed file integrity requirement identification based on severity analysis. FILE INTEGRITY REQUIREMENT (FIR) IDENTIFICATION File integrity requirement (FIR) is proposed to accommodate a file integrity monitor (FIM) tools in determining specific file with their specific monitoring approaches. In this paper, we focus on the file in Windows based operating system environment. Each setup and configuration included the virtual host also based on the Windows operating system. Identify related issues in file integrity monitoring analyzed previous techniques and practices Formulate a new pattern of file integrity requirement identification Evaluate formulated pattern FIGURE 1: Important steps for the research. Figure 1 shows the important steps in this research. This research begins with identification of related issues in the file integrity monitoring through an intensive review of related works. After specific issues have been discovered, several tools related to the file security monitoring such as FIM tools, anti-viruses tools, host-based intrusion 356
3 detection systems and files utilities tools are collected. All related tools are tested and observed in order to obtain patterns of existing practices in file protection. Result from the observation is analyzed. From the analyzed result, new pattern of file integrity requirement (FIR) identification is formulated. Lastly, the proposed FIR is evaluated in to test the accuracy of formulated pattern. Observation of Existing File Protection Practices In order to collect information and practices of existing file protection tools, five different virtual hosts are used. Each virtual host are installed with difference type of services such as web server, database server, print server, server and file sharing service. Related file protection tools are installed and tested in each virtual host to observe their practices in protecting the files. Figure 2 represents the steps involved in FIR identification. Run file protection tools Collect information used by related tools Analyze collected information FIGURE 2: File integrity requirement (FIR) identification. Firstly, data of the related file which monitored in real time are collected for each virtual host and file protection tools. Next, we analyzed the collected data by comparing and classify the pattern of file monitoring based on their attributes similarities. In practice, these steps are time consuming and complicated. It is assumed that existing file protection tools are monitored sensitive or important file in real time monitoring mode. Violation of the integrity After obtaining the pattern of file protection, we formulate a new file integrity requirement (FIR) in order to accommodate file integrity monitoring tool in determining monitoring mode for specific files. In this paper, FIR is formulated based on privilege security attributes (PSA) which each file is classified into five different FIR levels (system, high, medium, low and unprotected). Our FIR utilized five attributes of PSA, which obtained from the observed pattern of existing file protection tools. Evaluation In order to evaluate the accuracy of formulated FIR, data mining classifier is used. Figure 3 shows the steps involved to evaluate the proposed FIR. 357
4 Scan file attributes Capture and record identified attributes Analyze and interpret classification result Transform attributes information into nominal format Test dataset with specific classifiers FIGURE 3: FIR evaluation steps. In the evaluation phase of FIR data set are collected using file attributes scanner (FAS) tool. FAS tool was developed previously for our attributes based file integrity identification [7, 8]. The file attributes scanner (FAS) is customized accordingly in order to support the data collection process which based on the privilege security attributes (PSA). Five identified attributes are collected for each file. The data set will be transformed into a nominal format in order to accommodate the evaluation process. Data preprocessing done in this phase to minimize the noise. In this paper, Multilayer Perceptron (MLP) classifier is used to test our FIR based on five integrity level and five attributes. Lastly result from the classification is analyzed and interpreted based on research objectives. For initial result, our FIR score 92.5% of correctly classified instances based on 400 samples of the files which each file represents by five attributes. The score shows the impressive output from the FIR identification and formulation. However, there are still need some improvement in order to optimize the effectiveness of FIM monitoring mode for specific files. CONCLUSION Identification of file integrity requirement (FIR) becomes goods start to accommodates file integrity monitoring tools since there are increased of information security threats and attacks especially involved the unauthorized system modification. In addition, increases of operating system and application complexity due to highly sophisticated demands for the information services also required more effective file integrity monitoring without compromised the system performance. The evaluation result shows the promises future for the FIR identification. Currently we are working to formulate a new FIR that based on different type of file attributes. In addition, the formulated FIR will be incorporated into the prototype of file integrity monitoring system for testing in the real environment.. 358
5 REFERENCES Proceeding of IC-ITS 2015 e-isbn: McKosky, R. A. & Shiva, S. G. A file integrity checking system to detect and recover from program modification attacks in multi-user computer systems Computers & Security, 1990, 9, LLC, P. S. S. C. Payment Card Industry (PCI) Data Security Standard, Requirements and Security Assessment Procedures, Version 3.0 PCI Security Standards Council LLC, Kim, G. H. & Spafford, E. H. The design and implementation of tripwire: a file system integrity checker CCS '94: Proceedings of the 2nd ACM Conference on Computer and Communications Security, ACM, 1994, Quynh, N. A. & Takefuji, Y. A novel approach for a file-system integrity monitor tool of Xen virtual machine ASIACCS '07: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, ACM, 2007, Hay, A.; Cid, D.; Bary, R. & Northcutt, S. System Integrity Check and Rootkit Detection OSSEC Host-Based Intrusion Detection Guide, Syngress, 2008, Zhao, F.; Jiang, Y.; Xiang, G.; Jin, H. & Jiang, W. VRFPS: A Novel Virtual Machine-Based Real-time File Protection System ACIS 2009: International Conference on Software Engineering Research, Management and Applications, IEEE Computer Society, 2009, 0, Abdullah, Z. H.; Udzir, N. I.; Mahmod, R. & Samsudin, K. Towards a Dynamic File Integrity Monitor through a Security Classification International Journal of New Computer Architectures and their Applications (IJNCAA), The Society of Digital Information and Wireless Communication, 2011, 1, Abdullah, Z. H.; Udzir, N. I.; Mahmod, R. & Samsudin, K. File Integrity Monitor Scheduling Based on File Security Level Classification. Software Engineering and Computer Systems, Springer Berlin Heidelberg, 2011, 180, Locke, G. & Gallagher, P. D. Recommended Security Controls for Federal Information Systems and Organizations National Institute of Standards and Technology (NIST),
Host-based Intrusion Prevention System (HIPS)
Host-based Intrusion Prevention System (HIPS) White Paper Document Version ( esnhips 14.0.0.1) Creation Date: 6 th Feb, 2013 Host-based Intrusion Prevention System (HIPS) Few years back, it was relatively
More informationPCI COMPLIANCE REQUIREMENTS COMPLIANCE CALENDAR
PCI COMPLIANCE REQUIREMENTS COMPLIANCE CALENDAR AUTHOR: UDIT PATHAK SENIOR SECURITY ANALYST udit.pathak@niiconsulting.com Public Network Intelligence India 1 Contents 1. Background... 3 2. PCI Compliance
More informationBUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports
BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports Building a Security Operation Center Agenda: Auditing Your Network Environment Selecting Effective Security
More informationVerve Security Center
Verve Security Center Product Features Supports multiple control systems. Most competing products only support a single vendor, forcing the end user to purchase multiple security systems Single solution
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationRule 4-004M Payment Card Industry (PCI) Monitoring, Logging and Audit (proposed)
Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Rule 4-004M Payment Card Industry (PCI) Monitoring, Logging and Audit (proposed) 01.1 Purpose
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationBest Practice Configurations for OfficeScan (OSCE) 10.6
Best Practice Configurations for OfficeScan (OSCE) 10.6 Applying Latest Patch(es) for OSCE 10.6 To find out the latest patches for OfficeScan, click here. Enable Smart Clients 1. Ensure that Officescan
More informationTotal Defense Endpoint Premium r12
DATA SHEET Total Defense Endpoint Premium r12 Overview: Total Defense Endpoint Premium Edition r12 offers comprehensive protection for networks, endpoints and groupware systems from intrusions, malicious
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.5)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.5) Directions and Instructions for completing this assessment The answers provided
More informationCloudCheck Compliance Certification Program
CloudCheck Compliance Certification Program Ensure Your Cloud Computing Environment is Secure with CloudCheck Certification Organizations today are increasingly relying on a combination of private and/or
More informationMarch 2012 www.tufin.com
SecureTrack Supporting Compliance with PCI DSS 2.0 March 2012 www.tufin.com Table of Contents Introduction... 3 The Importance of Network Security Operations... 3 Supporting PCI DSS with Automated Solutions...
More informationCybersecurity Health Check At A Glance
This cybersecurity health check provides a quick view of compliance gaps and is not intended to replace a professional HIPAA Security Risk Analysis. Failing to have more than five security measures not
More informationDid you know your security solution can help with PCI compliance too?
Did you know your security solution can help with PCI compliance too? High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment
More informationIntrusion Detection System in Campus Network: SNORT the most powerful Open Source Network Security Tool
Intrusion Detection System in Campus Network: SNORT the most powerful Open Source Network Security Tool Mukta Garg Assistant Professor, Advanced Educational Institutions, Palwal Abstract Today s society
More informationCisco Advanced Services for Network Security
Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs
More informationThe Comprehensive Guide to PCI Security Standards Compliance
The Comprehensive Guide to PCI Security Standards Compliance Achieving PCI DSS compliance is a process. There are many systems and countless moving parts that all need to come together to keep user payment
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationCorreLog Alignment to PCI Security Standards Compliance
CorreLog Alignment to PCI Security Standards Compliance Achieving PCI DSS compliance is a process. There are many systems and countless moving parts that all need to come together to keep user payment
More informationGFI White Paper PCI-DSS compliance and GFI Software products
White Paper PCI-DSS compliance and Software products The Payment Card Industry Data Standard () compliance is a set of specific security standards developed by the payment brands* to help promote the adoption
More informationVIEWABILL. Cloud Security and Operational Architecture. featuring RUBY ON RAILS
VIEWABILL Cloud Security and Operational Architecture featuring RUBY ON RAILS VAB_CloudSecurity V1 : May 2014 Overview The Viewabill.com cloud is a highly-secure, scalable and redundant solution that enables
More informationCyber Essentials Scheme
Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks June 2014 December 2013 Contents Contents... 2 Introduction... 3 Who should use this document?... 3 What can these
More informationCompliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:
Security.01 Penetration Testing.02 Compliance Review.03 Application Security Audit.04 Social Engineering.05 Security Outsourcing.06 Security Consulting.07 Security Policy and Program.08 Training Services
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationTrend Micro OfficeScan 11.0. Best Practice Guide for Malware
Trend Micro OfficeScan 11.0 Best Practice Guide for Malware Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned
More informationManaging Cloud Computing Risk
Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify
More informationVulnerability Audit: Why a Vulnerability Scan Isn t Enough. White Paper
Vulnerability Audit: Why a Vulnerability Scan Isn t Enough White Paper May 10, 2005 TABLE OF CONTENTS Introduction: How Secure Are My Systems?... 3 Vulnerability: The Modern Meaning Of A Muddled Word...
More informationClient Security Risk Assessment Questionnaire
Select the appropriate answer from the drop down in the column, and provide a brief description in the section. 1 Do you have a member of your organization with dedicated information security duties? 2
More informationHow NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements
How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements I n t r o d u c t i o n The Payment Card Industry Data Security Standard (PCI DSS) was developed in 2004 by the PCI Security Standards
More informationInformation Security @ Blue Valley Schools FEBRUARY 2015
Information Security @ Blue Valley Schools FEBRUARY 2015 Student Data Privacy & Security Blue Valley is committed to providing an education beyond expectations to each of our students. To support that
More informationSoftware Asset Management (SWAM) Capability Description
Software Asset Management (SWAM) Capability Description Purpose Provides an organization visibility into the software installed and operating on their network(s) so they can appropriately manage authorized
More informationA Review of Anomaly Detection Techniques in Network Intrusion Detection System
A Review of Anomaly Detection Techniques in Network Intrusion Detection System Dr.D.V.S.S.Subrahmanyam Professor, Dept. of CSE, Sreyas Institute of Engineering & Technology, Hyderabad, India ABSTRACT:In
More informationFortinet Solutions for Compliance Requirements
s for Compliance Requirements Sarbanes Oxley (SOX / SARBOX) Section / Reference Technical Control Requirement SOX references ISO 17799 for Firewall FortiGate implementation specifics IDS / IPS Centralized
More informationSecurity Data Analytics Platform
Security Data Analytics Platform Figure 1 - Global Search Dashboard "The Data Analytics Platform has revolutionized the way we handle data from our Security monitoring infrastructure to our developers
More informationBasics of Internet Security
Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational
More informationManaging Vulnerabilities for PCI Compliance White Paper. Christopher S. Harper Managing Director, Agio Security Services
Managing Vulnerabilities for PCI Compliance White Paper Christopher S. Harper Managing Director, Agio Security Services PCI STRATEGY Settling on a PCI vulnerability management strategy is sometimes a difficult
More informationSecuring Industrial Control Systems on a Virtual Platform
Securing Industrial Control Systems on a Virtual Platform How to Best Protect the Vital Virtual Business Assets WHITE PAPER Sajid Nazir and Mark Lazarides sajid.nazir@firstco.uk.com 9 Feb, 2016 mark.lazarides@firstco.uk.com
More informationHow To Protect Your Cloud From Attack
A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to
More informationReduce the Cost of PCI DSS Compliance with Unified Vulnerability Management
WHITE PAPER Reduce the Cost of PCI DSS Compliance with Unified Vulnerability Management A Requirement-by-Requirement Guide Table of Contents Introduction 3 What are the PCI Data Security Standards 3 The
More informationObservation and Findings
Chapter 6 Observation and Findings 6.1. Introduction This chapter discuss in detail about observation and findings based on survey performed. This research work is carried out in order to find out network
More informationBio-inspired cyber security for your enterprise
Bio-inspired cyber security for your enterprise Delivering global protection Perception is a network security service that protects your organisation from threats that existing security solutions can t
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationSample Vulnerability Management Policy
Sample Internal Procedures and Policy Guidelines February 2015 Document Control Title: Document Control Number: 1.0.0 Initial Release: Last Updated: February 2015, Manager IT Security February 2015, Director
More informationfor businesses with more than 25 seats
for businesses with more than 25 seats ESET Business Solutions 1/6 Whether your business is just starting out or is established, there are a few things that you should expect from the software you use
More informationAutomated Risk Management Using SCAP Vulnerability Scanners
Automated Risk Management Using SCAP Vulnerability Scanners The management of risks to the security and availability of private information is a key element of privacy legislation under the Federal Information
More informationUsing Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4
WHITEPAPER Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4 An in-depth look at Payment Card Industry Data Security Standard Requirements 10, 11,
More informationFighting Advanced Threats
Fighting Advanced Threats With FortiOS 5 Introduction In recent years, cybercriminals have repeatedly demonstrated the ability to circumvent network security and cause significant damages to enterprises.
More informationForeScout CounterACT and Compliance June 2012 Overview Major Mandates PCI-DSS ISO 27002
ForeScout CounterACT and Compliance An independent assessment on how network access control maps to leading compliance mandates and helps automate GRC operations June 2012 Overview Information security
More informationAUDIT REPORT 03-11 WEB PORTAL SECURITY REVIEW. 2004 FEBRUARY R. D. MacLEAN CITY AUDITOR
AUDIT REPORT 03-11 WEB PORTAL SECURITY REVIEW 2004 FEBRUARY R. D. MacLEAN CITY AUDITOR Web Portal Security Review Page 2 Audit Report 03-11 Web Portal Security Review INDEX SECTION I EXECUTIVE SUMMARY
More informationHost Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1
Host Hardening Presented by Douglas Couch & Nathan Heck Security Analysts for ITaP 1 Background National Institute of Standards and Technology Draft Guide to General Server Security SP800-123 Server A
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Security Scanning Procedures Version 1.1 Release: September 2006 Table of Contents Purpose...1 Introduction...1 Scope of PCI Security Scanning...1 Scanning
More informationAnalyzing Security for Retailers An analysis of what retailers can do to improve their network security
Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary
More informationSupplier Security Assessment Questionnaire
HALKYN CONSULTING LTD Supplier Security Assessment Questionnaire Security Self-Assessment and Reporting This questionnaire is provided to assist organisations in conducting supplier security assessments.
More informationMaking your web application. White paper - August 2014. secure
Making your web application White paper - August 2014 secure User Acceptance Tests Test Case Execution Quality Definition Test Design Test Plan Test Case Development Table of Contents Introduction 1 Why
More informationData Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan
WHITE PAPER Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan Introduction to Data Privacy Today, organizations face a heightened threat landscape with data
More information<COMPANY> PR11 - Log Review Procedure. Document Reference Date 30th September 2014 Document Status. Final Version 3.
PR11 - Log Review Procedure Document Reference PR11 - Log Review Procedure Date 30th September 2014 Document Status Final Version 3.0 Revision History 1.0 12 January 2010 - Initial release. 1.1 14 September
More informationKey Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking
Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking SUMMARY The Payment Card Industry Data Security Standard (PCI DSS) defines 12 high-level security requirements directed
More informationIntegrated Threat & Security Management.
Integrated Threat & Security Management. SOLUTION OVERVIEW Vulnerability Assessment for Web Applications Fully Automated Web Crawling and Reporting Minimal Website Training or Learning Required Most Accurate
More informationGuideline on Auditing and Log Management
CMSGu2012-05 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Auditing and Log Management National Computer Board Mauritius
More informationData Management Policies. Sage ERP Online
Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...
More informationBest Practice Configurations for OfficeScan 10.0
Best Practice Configurations for OfficeScan 10.0 Applying Latest Patch(es) for OSCE 10.0 To find out the latest patches, refer to http://www.trendmicro.com/download/product.asp?productid=5 NOTE : There
More informationAddressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense
A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical
More informationPCI PA - DSS. Point BKX Implementation Guide. Version 2.01. Atos Xenta, Atos Xenteo and Atos Yomani using the Point BKX Payment Core
PCI PA - DSS Point BKX Implementation Guide Atos Xenta, Atos Xenteo and Atos Yomani using the Point BKX Payment Core Version 2.01 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566
More informationEffective Software Security Management
Effective Software Security Management choosing the right drivers for applying application security Author: Dharmesh M Mehta dharmeshmm@mastek.com / dharmeshmm@owasp.org Table of Contents Abstract... 1
More informationIntrusion Detection Systems vs. Intrusion Prevention Systems. Sohkyoung (Michelle) Cho ACC 626
Intrusion Detection Systems vs. Intrusion Prevention Systems Sohkyoung (Michelle) Cho ACC 626 1.0 INTRODUCTION An increasing number of organizations use information systems to conduct their core business
More informationCHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
: INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS 1 FIVE KEY RECOMMENDATIONS During 2014, NTT Group supported response efforts for a variety of incidents. Review of these engagements revealed some observations
More informationBest Practices For Department Server and Enterprise System Checklist
Best Practices For Department Server and Enterprise System Checklist INSTRUCTIONS Information Best Practices are guidelines used to ensure an adequate level of protection for Information Technology (IT)
More informationTRIPWIRE NERC SOLUTION SUITE
CONFIDENCE: SECURED SOLUTION BRIEF TRIPWIRE NERC SOLUTION SUITE TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on our mission of delivering
More informationPCI DSS Policies Outline. PCI DSS Policies. All Rights Reserved. ecfirst. 2010. Page 1 of 7 www.ecfirst.com
Policy/Procedure Description PCI DSS Policies Install and Maintain a Firewall Configuration to Protect Cardholder Data Establish Firewall and Router Configuration Standards Build a Firewall Configuration
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More informationCritical Security Controls
Critical Security Controls Session 2: The Critical Controls v1.0 Chris Beal Chief Security Architect MCNC chris.beal@mcnc.org @mcncsecurity on Twitter The Critical Security Controls The Critical Security
More informationNetwork Based Intrusion Detection Using Honey pot Deception
Network Based Intrusion Detection Using Honey pot Deception Dr.K.V.Kulhalli, S.R.Khot Department of Electronics and Communication Engineering D.Y.Patil College of Engg.& technology, Kolhapur,Maharashtra,India.
More informationSTATE OF NEW JERSEY IT CIRCULAR
NJ Office of Information Technology P.O. Box 212 www.nj.gov/it/ps/ Chris Christie, Governor 300 River View E. Steven Emanuel, Chief Information Officer Trenton, NJ 08625-0212 STATE OF NEW JERSEY IT CIRCULAR
More informationThreat Center. Real-time multi-level threat detection, analysis, and automated remediation
Threat Center Real-time multi-level threat detection, analysis, and automated remediation Description Advanced targeted and persistent threats can easily evade standard security, software vulnerabilities
More informationHalo. for PCI Compliance. Who Needs PCI in the Cloud? What It Takes to be PCI Compliant
SOLUTION BRIEF Halo for PCI Compliance Who Needs PCI in the Cloud? Compliance with the Payment Card Industry Data Security Standard (PCI-DSS) is important to companies running e-commerce, subscription-based
More informationAutomated Risk Management Using NIST Standards
Automated Risk Management Using NIST Standards The management of risks to the security and availability of private information is a key element of privacy legislation under the Federal Information Security
More informationFIREWALL. Features SECURITY OF INFORMATION TECHNOLOGIES
FIREWALL Features SECURITY OF INFORMATION TECHNOLOGIES To ensure that they stay competitive and in order to expand their activity, businesses today know it is in their best interests to open up more channels
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationJohn Essner, CISO Office of Information Technology State of New Jersey
John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management
More informationPCI DSS Requirements - Security Controls and Processes
1. Build and maintain a secure network 1.1 Establish firewall and router configuration standards that formalize testing whenever configurations change; that identify all connections to cardholder data
More informationHow To Protect A Network From Attack From A Hacker (Hbss)
Leveraging Network Vulnerability Assessment with Incident Response Processes and Procedures DAVID COLE, DIRECTOR IS AUDITS, U.S. HOUSE OF REPRESENTATIVES Assessment Planning Assessment Execution Assessment
More informationEndpoint Security More secure. Less complex. Less costs... More control.
Endpoint Security More secure. Less complex. Less costs... More control. Symantec Endpoint Security Today s complex threat landscape constantly shifts and changes to accomplish its ultimate goal to reap
More informationPCI PA - DSS. Point ipos Implementation Guide. Version 1.01. VeriFone Vx820 using the Point ipos Payment Core
PCI PA - DSS Point ipos Implementation Guide VeriFone Vx820 using the Point ipos Payment Core Version 1.01 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566 287 00 www.point.se Page
More informationData Loss Prevention in the Enterprise
Data Loss Prevention in the Enterprise ISYM 525 Information Security Final Paper Written by Keneth R. Rhodes 12-01-09 In today s world data loss happens multiple times a day. Statistics show that there
More informationInformation Security Services. Achieving PCI compliance with Dell SecureWorks security services
Information Security Services Achieving PCI compliance with Dell SecureWorks security services Executive summary In October 2010, the Payment Card Industry (PCI) issued the new Data Security Standard (DSS)
More informationAvoiding the Top 5 Vulnerability Management Mistakes
WHITE PAPER Avoiding the Top 5 Vulnerability Management Mistakes The New Rules of Vulnerability Management Table of Contents Introduction 3 We ve entered an unprecedented era 3 Mistake 1: Disjointed Vulnerability
More informationIntelli-Restore as an Instantaneous Approach for Reduced Data Recovery Time
Intelli-Restore as an Instantaneous Approach for Reduced Data Recovery Time Leon Mugoh, Ismail Lukandu Ateya, Bernard Shibwabo Kasamani Faculty of Information Technology Strathmore University, Nairobi
More informationIBM Managed Security Services Vulnerability Scanning:
IBM Managed Security Services August 2005 IBM Managed Security Services Vulnerability Scanning: Understanding the methodology and risks Jerry Neely Network Security Analyst, IBM Global Services Page 2
More informationAutomate PCI Compliance Monitoring, Investigation & Reporting
Automate PCI Compliance Monitoring, Investigation & Reporting Reducing Business Risk Standards and compliance are all about implementing procedures and technologies that reduce business risk and efficiently
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationNetwork Segmentation
Network Segmentation The clues to switch a PCI DSS compliance s nightmare into an easy path Although best security practices should be implemented in all systems of an organization, whether critical or
More informationCOMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF PUBLIC WELFARE, INSURANCE AND AGING INFORMATION TECHNOLOGY STANDARD Name Of Standard: Mobile Device Standard Domain: Security Date Issued: 09/07/2012 Date Revised:
More informationSECURE SHARING AND COMMUNICATION. Protection for servers, email and collaboration
SECURE SHARING AND COMMUNICATION Protection for servers, email and collaboration THE VALUE OF SECURITY Most malware attacks use software vulnerabilities to reach their targets. Only 90% of malware attacks
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationLifecycle Solutions & Services. Managed Industrial Cyber Security Services
Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements
More informationProjectplace: A Secure Project Collaboration Solution
Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the
More informationSonicWALL PCI 1.1 Implementation Guide
Compliance SonicWALL PCI 1.1 Implementation Guide A PCI Implementation Guide for SonicWALL SonicOS Standard In conjunction with ControlCase, LLC (PCI Council Approved Auditor) SonicWall SonicOS Standard
More information