My name is Trevor, and I'm a student at UAT, doing some research on different implementation frameworks for establishing a security policy. In particular, I came across the SKiP (Security Knowledge in Practice) framework, and saw some advantages and disadvantages.
This framework has 6 separate steps to help with the implementation, including portions dedicated to picking vendors, as well as hardening and securing your own network. Unfortunately, what it lacks, like many frameworks and standards, is any sort of technical direction.
I was wondering if there is anyone out there that has experience with this implementation framework. Does it play out as practically as it sounds, or is it more difficult than it should be?
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!