6. Ongoing Activities

6. Ongoing Activities

At this point in time, your site has hopefully developed a complete security policy and has developed procedures to assist in the configuration and management of your technology in support of those policies. How nice it would be if you could sit back and relax at this point and know that you were finished with the job of security. Unfortunately, that is not possible. Your systems and networks are not a static environment, so you will need to review policies and procedures on a regular basis. There are a number of steps you can take to help you keep up with the changes around you so that you can initiate corresponding actions to address those changes. The following is a starter set and you may add others as appropriate for your site:

1. Subscribe to advisories that are issued by various security incident response teams, like those of the CERT Coordination Center, and update your systems against those threats that apply to your site's technology.

2. Monitor security patches that are produced by the vendors of your equipment, and obtain and install all that apply.

3. Actively watch the configurations of your systems to identify any changes that may have occurred, and investigate all anomalies.

4. Review all security policies and procedures annually (at a minimum).

5. Read relevant mailing lists and USENET newsgroups to keep up to date with the latest information being shared by fellow administrators.

6. Regularly check for compliance with policies and procedures. This audit should be performed by someone other than the people who define or implement the policies and procedures.