|
Posted by =?Utf-8?B?QmVybmFyZG8=?= on October 17, 2006, 9:03 am
If you were Registered and logged in, you could reply and use other advanced thread options
Hello all! Can anyone give me some advice on creating a security guidebook.
I've been asked to create this guide based off what we monitor and how. Are
there best practices for creating a guide; what should or should not be
included; etc. Thanks in advance for any advice.
|
|
Posted by Steve Riley [MSFT] on October 17, 2006, 1:38 pm
If you were Registered and logged in, you could reply and use other advanced thread options
: quoted-printable
Start by thinking about the purpose of your guidebook, who the audience =
is, and what you want them to do with it. For instance, the first =
question to answer is this: will your book enumerate security policies, =
which describe what's expected and why, or will it cover processes and =
procedures, which describe how you implement your security requirements =
and policies?
_________________________________
Steve Riley
steve.riley@microsoft.com
http://blogs.technet.com/steriley
Hello all! Can anyone give me some advice on creating a security =
guidebook. =20
I've been asked to create this guide based off what we monitor and =
how. Are=20
there best practices for creating a guide; what should or should not =
be=20
included; etc. Thanks in advance for any advice.
------=_NextPart_000_002B_01C6F1D8.63791F30
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Dwindows-1252">
<STYLE></STYLE>
<META content=3D"MSHTML 6.00.5750.0" name=3DGENERATOR></HEAD>
<BODY id=3DMailContainerBody=20
style=3D"PADDING-RIGHT: 10px; PADDING-LEFT: 10px; FONT-SIZE: 12pt; =
COLOR: #000000; PADDING-TOP: 15px; FONT-FAMILY: Cambria"=20
bgColor=3D#ffffff leftMargin=3D0 topMargin=3D0 CanvasTabStop=3D"true" =
acc_role=3D"text"=20
name=3D"Compose message area">
<DIV>Start by thinking about the purpose of your guidebook, who the =
audience is,=20
and what you want them to do with it. For instance, the first question =
to answer=20
is this: will your book enumerate security policies, which describe =
what's=20
expected and why, or will it cover processes and procedures, which =
describe=20
how you implement your security requirements and policies?</DIV>
<DIV><BR>_________________________________<BR>Steve Riley<BR><A=20
title=3Dmailto:steve.riley@microsoft.com=20
R><A=20
title=3Dhttp://blogs.technet.com/steriley=20
href=3D"http://blogs.technet.com/steriley">http://blogs.technet.com/steri=
ley</A><BR></DIV>
<DIV> </DIV>
<BLOCKQUOTE=20
style=3D"PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; =
BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
<DIV>"Bernardo" <<A =
title=3Dmailto:Bernardo@discussions.microsoft.com=20
=
icrosoft.com</A>>=20
wrote in message <A=20
=
20135-4553-4E28-A845-904191A0BAB6@microsoft.com</A>...</DIV>Hello=20
all! Can anyone give me some advice on creating a security=20
guidebook. <BR>I've been asked to create this guide based off =
what we=20
monitor and how. Are <BR>there best practices for creating a =
guide; what=20
should or should not be <BR>included; etc. Thanks in advance for =
any=20
advice.</BLOCKQUOTE></BODY></HTML>
------=
|
| Similar Threads | Posted | | Security to limit creating new folders in shared network drive | September 7, 2005, 12:11 am |
| Creating a Thread as a different user? | September 13, 2006, 1:44 pm |
| Re: creating password policies | October 16, 2008, 7:42 am |
| RE: creating password policies | November 12, 2008, 2:28 pm |
| Creating local user account from ASP.NET (C#) | April 24, 2007, 8:02 am |
| Creating Certificate for a wireless projector | February 8, 2008, 7:12 am |
| creating PKI certificates without using a FQDN in the Name field | October 30, 2008, 6:05 pm |
| Creating a recovery agent on local computer | January 12, 2006, 9:40 pm |
| creating folder with emails, copying onto disc, cd | August 10, 2006, 12:50 pm |
| Creating a very limited user account to run a service | September 6, 2006, 11:04 am |
|
XML site map