Computer Security – Checklist

In this chapter, we discuss an advanced checklist that we will use to educate users and IT staff, so that handling any security issue comes naturally to them.

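Based on all the chapters, and especially on the security policies, the following table presents a checklist that covers most of the components discussed in this tutorial.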

| Checklist | Status of task |
|---|---|
| **Server Room** | |
| Server rack is installed properly | |
| Air conditioning is present | |
| Temperature monitoring and alarm system is in place | |
| Automatic smoke/fire detection is available | |
| Water entry prevention detector is available | |
| Fire extinguisher is in place | |
| Local LAN wiring is done properly | |
| **Business Critical Services** | |
| Redundant power supplies are available | |
| RAID systems are available | |
| UPS systems are in place | |
| Emergency systems are in place | |
| Documentation is up to date | |
| Professional support is provided | |
| SLAs are signed | |
| Emergency plan is prepared | |
| **Business Internet Account** | |
| Redundant lines | |
| Insurance for ICT equipment is available | |
| **Information Systems** | |
| Server is installed according to the Setup Policies Manuals | |
| Standard GPOs are configured on the server | |
| System security is done | |
| System documentation is up to date | |
| Data backup is configured properly and done regularly according to backup policies | |
| Naming of all computers and network devices is checked to be in line with IT Policy | |
| Standard whitelisted software is aligned on all PCs | |
| All PCs are in the domain system | |
| Administrator privileges are removed from computer users | |
| Program privileges are at the minimum level needed | |
| **Information Security** | |
| Identity and access management is configured | |
| Data access possibilities are minimized to the level needed | |
| Virus protection software is installed on each PC | |
| **Human Factor** | |
| ICT System and Email Usage Policy is rolled out (should be checked as per the disciplinary safeguards) | |
| Staff awareness training is provided regularly | |
| Responsibilities are documented | |
| **Maintenance of Information Systems** | |
| Security updates are installed on all PCs | |
| ICT internal alert and notification system is configured | |
| Security update action plan is done | |
| Security update rollout plan is in place | |
| **General** | |
| Network IP address schema is in line | |
| **Network Security** | |
| Firewall access rules and open ports are compliant with the firewall policy | |
| Protection of sensitive information is in place | |
| Restriction of communication services is enabled | |
| VPN is configured properly with the partners | |
| WLAN security is enabled on all Wi-Fi devices | |
| Limited internet access is configured | |
| BYOD regulations are implemented | |
| **Network Management** | |
| Bandwidth Management System is configured | |
| Network Monitoring System is available | |
| DRP files are up to date | |

Keep in mind that this list can also be modified according to your company's needs and staff.
