Lesson 3: Maintaining a Security Plan
The process doesn't stop after you design and implement your security plan. You must determine a strategy for maintaining the plan so that it's updated to address new risks.
After this lesson, you will be able to
- Develop a strategy for maintaining an existing security plan
Estimated lesson time: 15 minutes
A security plan's value continues even after it's implemented. You must revisit the security plan periodically to make sure that it still meets the organization's security needs. Some events that can lead to the modification of a security plan include
- Organizational structure change. Companies change their structures periodically. A change from a centralized administrative model to a decentralized model can result in modification of an existing security plan to match the new security model.
- Mergers and acquisitions. The scope of an existing security plan may have to be expanded due to an organization's growth. The security plan may have to be modified so it can work in the larger network environment.
- Change in security policy. As an organization changes, its security policy might change too. The existing security plan should then be modified to reflect the organization's new views on security. For example, after an Internet hacking attack, the organization might want to implement encryption of all confidential information entered at the corporate Web site. The security policy should be modified to reflect this change in opinion.
- Recent security updates to deployed software. Microsoft regularly issues updates that address recently discovered security threats against the Windows 2000 operating system. You can determine the required updates for a Windows 2000–based computer by connecting to the windowsupdate.microsoft.com Web site.
IMPORTANT
To deploy updates with a more centralized method, Microsoft regularly issues service packs for Windows 2000. These service packs include all security and operating system updates that were issued before the service pack's release. You can deploy the service packs to all Windows 2000–based computers by using either Microsoft System Management Server (SMS) or Windows 2000 scripting solutions.
Not all forces that influence a security plan come from within the organization. An organization's network security personnel must stay informed of the latest issues that affect network security. To keep an organization secure, the security personnel must ensure that the security plan addresses the current risks and threats that affect the network's resources.
Some sources that the security personnel can use to monitor the latest security issues include
- Web–based security bulletins. Several security services offer e-mail bulletins that are issued when new security risks arise. For example, you can subscribe to the Microsoft security bulletin service at www.microsoft.com/technet/security/notify.asp.
- Security newsgroups. There are several newsgroups related to Windows 2000 security including news://msnews.microsoft.com/microsoft.public.win2000.security.
- Checking hacker Web sites. Several Web sites contain information on the latest hacking strategies that are used to compromise network security. Examples include http://www.2600.com/ and www.insecure.org/.
NOTE
Many network security resources are available on the Internet. Always make sure that the sites are trustworthy before downloading utilities and installing them on your network. What may be promised as a security solution may turn out to be a security weakness after you install it. The software that you download to protect your network may actually open up your network services to a hacking attack.
Making the Decision
Table 17.2 outlines design decisions you face when ensuring that a security plan remains effective after the security plan is fully deployed.
Table 17.2 Design Decisions for Maintaining a Security Plan
| To | Do the Following |
|---|---|
| Stay current with the latest security vulnerabilities | Subscribe to security bulletins that alert you of any recent security vulnerabilities for the software implemented at your organization. Read industry trade magazines. Visit Web sites related to network security and hacking. |
| Ensure that security plans continue to reflect security policy | Review all security plans at regularly scheduled intervals to determine if the plans still reflect the organization s security policy. Update the security plan to reflect any changes in security policy. |
| Stay current with the latest fixes | For Windows based software, use the windowsupdate.microsoft.com Web site to review your system for required updates. Ensure that the latest hot fixes and service packs are applied to all computers in the organization. Perform auditing of all deployed systems to ensure that the required updates and hot fixes are applied. |
Applying the Decision
Fabrikam must appoint a representative from the security team who will determine if the security plan requires modification in the event new hacking vulnerabilities are found. This person must have the ability and the permission to modify the plan.
Lesson Summary
The process of securing a network doesn't end when a security plan is completed and deployed. Security is an ongoing, iterative process. You should review the security of all deployed resources periodically to ensure that security configuration still meets the organization's security needs and security policy.
EAN: 2147483647
Pages: 172