Preventing the next worm
Information security is a reactive world. The next intrusion, vulnerability or worm is always right around the corner.
With critical issues arising everywhere, the typical CISO and IT security organization spend most of their time reacting to outside forces and not nearly enough time getting ahead of the curve. One way out of this downward spiral is to get proactive with a system security policy and a method of ensuring compliance. This can change the environment from scrambling to planning, increasing the value and reducing the cost of security. But how can this be accomplished without time, resources and a radical change in the environment?
System security policy management tools are growing in popularity. These tools automate the process of viewing and setting the system configurations of a large number of systems, and reporting on their configurations against a security policy to give measurable results. Improperly configured systems, including items such as permissions, user rights, and OS security parameters cause most common security problems.
[ Read more ]