The steps below will help ensure that your system complies with the CU-Boulder minimum security standards. They are based on the CERT Security Knowledge in Practice (SKiP) method and will also help ensure both security and survivability. Additional information on SKiP can be found at http://www.cert.org/archive/pdf/SKiP.pdf, and a summary is provided below.
While it seems obvious that understanding the mission of a system is critical to configuring it securely, all too often administrators install every available option on a system. It is also important to understand University policies and guidelines before you begin acquiring and installing a new system (see the CU-Boulder IT Policies page).
Systems and software as shipped by vendors commonly contain vulnerabilities that require patching or configuration changes. The recommended principles below form a strong foundation for hardening and securing systems (network servers and user workstations). Remember that if your system is a critical system or holds sensitive information, additional hardening steps will be necessary (see the Additional Security Resources below for more help).
Other practices include creating a computer deployment plan (covering network services, users and user privileges, access enforcement, intrusion detection, backup and recovery, and network connections), securely configuring network service clients, and using a tested model configuration for workstations.
The only way to detect a security incident is to understand "What is normal operation?"
Once you understand what "normal" is, you can discover problems by monitoring the transactions an asset performs (for example, by reviewing the logs produced by a firewall or a public web server).
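As an added example that is not part of the original page, the Python script below shows the "know what normal is, then watch for deviations" idea applied to web server logs. It builds a baseline from a few constructed access-log lines in the Apache/Nginx combined format (the sample lines, the TEST-NET address 203.0.113.44, and the deviation thresholds `error_factor`, `ip_factor` and `min_error_rate` are all assumptions chosen for illustration), then reports where a later window of lines departs from that baseline: an unusual share of 4xx/5xx responses, paths never requested during normal operation, and a single client that is far more active than a typical one.

```python
"""Baseline-and-deviation detection over web server access logs.

Added example, not the original page's or CERT's code. The log lines are
constructed; the thresholds are illustrative assumptions.
"""
import re
from collections import Counter
from dataclasses import dataclass

# One combined-format line: ip - user [time] "METHOD path proto" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<bytes>\d+|-)'
)


@dataclass
class Baseline:
    paths: set            # every path requested during normal operation
    error_rate: float     # fraction of 4xx/5xx responses during normal operation
    requests_per_ip: float  # mean number of requests made by one client address


def parse(lines):
    """Turn raw log lines into dicts; lines that do not match the format are skipped."""
    records = []
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            rec = m.groupdict()
            rec["status"] = int(rec["status"])
            records.append(rec)
    return records


def build_baseline(normal_lines):
    """Summarise a window of known-good traffic into a Baseline."""
    recs = parse(normal_lines)
    if not recs:
        raise ValueError("no parseable log lines in the baseline window")
    errors = sum(1 for r in recs if r["status"] >= 400)
    per_ip = Counter(r["ip"] for r in recs)
    return Baseline(
        paths={r["path"] for r in recs},
        error_rate=errors / len(recs),
        requests_per_ip=len(recs) / len(per_ip),
    )


def detect(baseline, window_lines, error_factor=3.0, ip_factor=5.0, min_error_rate=0.10):
    """Return (kind, detail) findings where the window deviates from the baseline.

    An empty list means the window looks like normal operation.
    """
    recs = parse(window_lines)
    findings = []
    if not recs:
        return findings

    # 1. Error share: only alert when clearly above both the baseline multiple and a floor,
    #    so a baseline with zero errors does not turn every single 404 into an alert.
    err_rate = sum(1 for r in recs if r["status"] >= 400) / len(recs)
    if err_rate > max(baseline.error_rate * error_factor, min_error_rate):
        findings.append(("error_rate",
                         f"{err_rate:.0%} of responses are 4xx/5xx vs baseline {baseline.error_rate:.0%}"))

    # 2. Paths that were never requested while the system was behaving normally.
    unseen = sorted({r["path"] for r in recs} - baseline.paths)
    if unseen:
        findings.append(("unknown_paths", ", ".join(unseen)))

    # 3. A single client far more active than the typical client in the baseline.
    for ip, n in Counter(r["ip"] for r in recs).items():
        if n > baseline.requests_per_ip * ip_factor:
            findings.append(("chatty_client", f"{ip} made {n} requests"))
    return findings


# Constructed "normal" traffic: three internal clients browsing a small site.
NORMAL_LOG = [
    '10.0.0.5 - - [01/Mar/2010:08:00:01 -0700] "GET /index.html HTTP/1.1" 200 5120',
    '10.0.0.5 - - [01/Mar/2010:08:00:02 -0700] "GET /css/site.css HTTP/1.1" 200 812',
    '10.0.0.7 - - [01/Mar/2010:08:01:10 -0700] "GET /about.html HTTP/1.1" 200 2210',
    '10.0.0.9 - - [01/Mar/2010:08:02:30 -0700] "GET /news/ HTTP/1.1" 200 3300',
    '10.0.0.9 - - [01/Mar/2010:08:02:31 -0700] "GET /css/site.css HTTP/1.1" 200 812',
    '10.0.0.7 - - [01/Mar/2010:08:03:00 -0700] "GET /missing.html HTTP/1.1" 404 210',
    '10.0.0.5 - - [01/Mar/2010:08:04:15 -0700] "GET /news/ HTTP/1.1" 200 3300',
    '10.0.0.9 - - [01/Mar/2010:08:05:00 -0700] "GET /index.html HTTP/1.1" 200 5120',
]

# Constructed later window: one normal request plus a single external address
# (203.0.113.44, a documentation-range address) repeatedly requesting paths
# that never appeared in the baseline and getting 404s back.
SUSPECT_LOG = [NORMAL_LOG[0].replace("08:00:01", "09:00:01")] + [
    f'203.0.113.44 - - [01/Mar/2010:09:00:{5 + i:02d} -0700] "GET {p} HTTP/1.1" 404 210'
    for i, p in enumerate(["/old-site/", "/draft.html", "/archive/2009/"] * 5)
]

if __name__ == "__main__":
    baseline = build_baseline(NORMAL_LOG)
    print("normal window:", detect(baseline, NORMAL_LOG))
    for kind, detail in detect(baseline, SUSPECT_LOG):
        print(f"{kind}: {detail}")
```

Run as-is and the normal window produces no findings, while the suspect window produces one finding of each kind. In practice the baseline would be rebuilt from a longer period of known-good traffic and the thresholds tuned until ordinary days are quiet; the value of the exercise is that it forces you to write down what "normal" means for the asset before an incident arrives.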
Problems and security incidents will always occur, so it is important to know how you will respond to an incident before it happens. Additional details can be found on the OIT incident response page.
Remember the adage "Fool me once, shame on you. Fool me twice, shame on me!" It is important to learn from incidents and to improve systems and processes: identify lessons learned, periodically re-harden the system, and securely retire systems by wiping their drives.