Security, for many, seems hard to do right. I know that we all think about firewalls, patch
management, antivirus and physical security.
But I like to cover an area that does not get focused on by most
companies.
For the most part, I hear “Uh, no. We don’t know.” If you do not know what’s running on your
systems, how will you know what changed if someone breaks into your network? How will you know? I believe that you need to create a master
file (portfolio) that lists what the computers/servers are doing; what tasks/services
are being run; what ports are open; who is the owner of that application; who
are the users; what are the data backup requirements, 1 a day, once and hour ?;
and finally, who maintains master file (portfolio)?
If you have this as minimum documentation you can then do a
risk assessment and identify all the systems and prioritize what needs to be
monitored and controlled.
