Tracking, Monitoring, and Reporting IT Security Baseline Definition and Policy Compliance
A baseline is a good place to start. It ensures that the systems are in compliance with security requirements when they are deployed. However, it’s still important to verify that the systems stay in compliance. An obvious question is to ask how the systems may have been changed so they aren’t in compliance. Administrators or technicians may change a setting to resolve a problem; for example, an application may not work unless security is relaxed. These changes may weaken security so that the application works. Malicious software (malware) such as a virus may also change a security setting.
It doesn’t matter how or why the setting was changed. The important ...
Get Security Policies and Implementation Issues, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
