In an effort to help busy security managers, CISSP Shelley Bard's weekly column builds upon the concept of the perpetual calendar, offering a schedule of reminders for a proactive, strategic security plan. Here are the objectives Shelley prescribes for weeks 40 through 43.
Week 40: Understanding Windows logs
Objective: Audit Windows logs at least weekly, preferably daily.
Week 41: Your PDA/PED policy
Objective: Review your Personal Digital Assistant and Portable Electronic Device policies at least once a year.
Week 42: Protecting Web servers
Objective: Check for Web server vulnerabilities no less than monthly; update your Web server security policy annually or each time you upgrade or patch.
Week 43: Permissions -- How world-writeable are you?
Objective: Tighten permissions daily or weekly.