PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
December 2003

The best information security policy decisions of 2003

Best Benchmarking Effort: Center for Internet Security Effective IT risk managers follow the 80/20 rule: They expend 20 percent of their resources addressing 80 percent of their risk. That's also the M.O. behind the Center for Internet Security's configuration benchmarks, consisting of techniques and scoring tools for hardening default installations of Windows NT/2000, Solaris, Linux, HP-UX, Cisco routers and Oracle databases. When implemented, the benchmarks reduce the number of out-of-the-box vulnerabilities in these systems by more than 80 percent, says CIS president and CEO Clint Kreitner. "There's a ton of low-hanging fruit that organizations can address simply by using the recommendations," he says. Best of all, the benchmarks -- developed through a global consensus process involving industry, government, academia and consultants -- are offered free to the Internet community at www.cisecurity.org. "It's hard to know what 'best practice' is, and it's not always easy to configure per best practice once you know what it is," ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Columns in this issue

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

-ADS BY GOOGLE

Close