52 weeks of security: A security practitioner's guide

Introduction
How many activities does the average security manager have to accomplish over the course of a year? A year sounds like a long time, but before you know it, things will snowball if you don't plan for them. A proactive, strategic plan is necessary to help you account for all it takes to effectively run a security practice. Our Perpetual Calendar uses a calendar to plot all of the recurring responsibilities that best practice dictates a security manager should accomplish in a year's time. You will need to determine what frequency for each task is appropriate for your organization, based on your requirements.

The activities of Information Security System Managers (ISSM) can be broken down into the following five categories: functional security; coordination; documentation; configuration management and certification and accreditation; and risk management. Accomplishing all of the tasks associated with these five areas ensures an ISSM is limiting his/her organization's liability, and is accomplishing due diligence in support of the organization as well as any customers associated with the organization.

The Perpetual Calendar is powerful because it:

  • Illustrates to management security responsibilities over the course of a year
  • Acts as a checklist
  • Demonstrates to your staff their appropriate division of responsibilities
  • Will help determine adequate staffing
  • Acts as a time management tool, allowing you to project for potential issues

Understand that you will never have enough talent, time, money, people or resources, so you have to target your activities to use the best of these to protect your most critical assets.

Typical security-related activities you need to plan:

Daily activities (use a summary checklist for each month)

  • Verify all daemons are running
  • Verify all applications are working
  • Verify receipt of any push or pull actions
  • Examine audit logs
  • Back up the server(s)
  • Back up database transaction logs
  • Back up audit files (separate tape)

Weekly activities

  • Back up the server(s)
  • Back up the database

Monthly activities

  • Back up the server(s)
  • Back up the databases
  • Archive audit data
  • Push out virus updates
  • Check for current/unused accounts

Bimonthly activities

  • Hold configuration management board meetings

Quarterly activities

  • Change passwords (alert users)
  • Back up any master databases
  • Circulate/post site security training and awareness information
  • Restore a random backup tape
  • Quarterly backups

Semiannual and/or annual activities

  • Security training
  • Practice contingency plan
  • Alert users to delete unnecessary files
  • Check that standard operating procedures are still current; review and update policy
  • Risk management review/update
  • Test uninterruptible power supply (UPS)
  • Annual backups

As needed

  • Update site password list
  • Back up new software installs
  • Software licensing and key renewal/seat management
  • Destruction of documents and/or equipment
  • Halon/fire suppression/water system (physical plant) inspection

In addition to what you know has a recurring schedule, what is not on the calendar that you must allow time for?

    • Daily backups
    • Daily checklist
    • Equipment rollouts/upgrades
    • Vacation/sick leave
    • Bad weather-related delays
    • Training -- technical, mandatory corporate compliance, new personnel orientation, new IT people and general (management, leadership, school, other)
    • Meetings -- regular/ad hoc
    • Data and/or equipment recovery
    • Out-of-cycle updates for virus-related events
    • Incident response
    • Compliance inspections and/or audits

The weekly series then examines 52 facets of security, emphasizing one each week. Each column will discuss:

    • What event we'll be looking at more in depth
    • When/how often the event occurs
    • Why it's important to security
    • Implementation strategy
    • More information

About the author
Shelley Bard, CISSP, is a senior security network engineer with Verizon Federal Network Systems (FNS). An infosecurity professional for 17 years, Bard has briefed and written infosecurity assessments and technical reports for the White House and Department of Defense, special interest groups, industry and academia. Please e-mail any comments to securityplanner@infosecuritymag.com.

This was first published in February 2004
