Best IT Documents.com Blog


Sample Excel – IT Skills Discovery Spreadsheet

Posted in Business (600),Sample - IT Spreadsheets - PowerPoints (251) by Guest on the February 28th, 2013
Comments Off on Sample Excel – IT Skills Discovery Spreadsheet

Sample Visio – Sample SMS Configuration

Posted in O S (375),Visio Samples - Stencils (457) by Guest on the February 27th, 2013
Comments Off on Sample Visio – Sample SMS Configuration

Sample – Corporate Minimal Wireless Security Requirements

Posted in Compliances (1300),Security (1500) by Guest on the February 27th, 2013

By default, all wireless network segments are prohibited from connecting to the corporate production network, unless authorized by the employee’s first line manager and the Director IT Security Services

  • The Security Service Manager must be informed when wireless segments are connected to the corporate network.
  • The Security Service Manager must approve any deviations from the security standards established herein.
  • For guest wireless access connected through a standalone broadband connection, notice and approval is not required but compliance with the following configuration standard is still required. 

Minimum Wireless Security Design Requirements

When authorized, wireless segments will comply with the following design requirements:

  • Position the location of Wireless Access Points (WAPs) to restrict the wireless signal to inside the building as much as possible.
  • Locate WAPs in secured areas to prevent unauthorized physical access and user manipulation where practical.
  • Change “easily identifiable” SSID broadcasting that would identify the WAP as a corporate asset with the exception of the wireless Guest Network.
  • Disable the ability to configure or manage the WAPs via wireless.
  • Maintain an up-to-date inventory of all WAPs and a diagram that identifies the physical and logical location.
  • Change default passwords and encryption keys on all WAPs.
  • Change default SNMP community strings on all wireless APs.
  • Disable promiscuous broadcasting of MAC address.
  • Transmission encryption will be implemented with WPA2 or better.
  • Disable all vendor supplied user accounts and default passwords. 

Wireless Access Point Network Configuration

  • Place a firewall between the wireless network and corporate production network as determined by a risk assessment.
  • Test and deploy software patches and updates in accordance with patch management standards. 

Wireless Access Points Connected to Corporate Networks

  • Configure each WAP to log all system activity and send logs to a central log server.
  • Deploy Intrusion Detection Systems (IDS) / Intrusion Protection Systems (IPS) on the wireless network to report suspicious activity (wireless event logs). 

Wireless Requirements For Clinical Systems

  • All clinical systems with wireless capabilities must be tested for compliance to the requirements listed above prior to releasing to the production environment. 

Monitoring

  • Review wireless event log files.
  • Continuously monitor to detect rogue and friendly WAPs.
  • Perform vulnerability scanning of wireless access points

Report rogue WAPs to the Manager, Security Service Management. 

http://www.bestitdocuments.com/IT_Security_Methodology_solutions.html

 

Comments Off on Sample – Corporate Minimal Wireless Security Requirements

Sample Word – Information Security Encryption Standard

Posted in Policies - Standards (600),Security (1500) by Guest on the February 26th, 2013
Comments Off on Sample Word – Information Security Encryption Standard

Sample Word – IT Hardware Support Policy

Posted in Policies - Standards (600) by Guest on the February 26th, 2013
Comments Off on Sample Word – IT Hardware Support Policy

Sample Word – Firewall Services – Sample Service Specific Permissions

Posted in Firewalls (75),Networking (340),Security (1500) by Guest on the February 26th, 2013
Comments Off on Sample Word – Firewall Services – Sample Service Specific Permissions
Next Page »