With the recent spate of news stories about the apparent information assurance/security failures that have come to light as a result of the events that transpired between Aaron Barr and Anonymous, I’ve been discussing security program implementation with my classmates at the University of Advancing Technology.
We've argued back and forth about what could have been done differently, but I wanted to see what kind of guidance the security administrators of the world might have to offer with regard to security implementation frameworks with these kinds of incidents in mind.
I know there are quite a few security frameworks and guidance available, but I wanted to keep it as simple as possible. With that in mind, I’ve started out by looking at a document from the NSA titled “The 60 Minute Network Security Guide (First Steps Towards a Secure Network Environment)”.
To me, this document looks like your basic how-to on locking down any system you might be using. It covers Windows, Unix, and even breaks out into firewalls and intrusion detection systems. It appears to be a good start, but as it states, it was written with the less experienced administrators and Information Systems Managers in mind.
Have any of the more experienced admins or Information Systems Managers on this site used this guide or something similar, and if so, what kind of “gotchas” have you come across? Is this just a good baseline, but really lacking when it comes to actually managing the security of your environment? If not, do you have any other/better suggestions on implementing security in an organization that would be less likely to lead to events like those suffered by HBGary?