The purpose of the Server Security Policy is to establish standards for the base configuration of internal server equipment that Blanco Wireless owns and/or operates. Effective implementation of this policy will minimize unauthorized access to Blanco's proprietary information and technology:
This policy applies to all production servers at Blanco Wireless, including web, application, and database servers.
The following directives are required of all servers at Blanco, and should be detailed in every configuration or "hardening" guide used by administrators:
Sample of Data protection policy, available free for download. This Data protection policy cover:
Scope: This applies to all PII stored on production servers in the Blanco Wireless network.
Storage: PII must be encrypted in storage and transmitted only over encrypted network connections.
The standard requires the organization to control removable computer media, such as tapes, disks, cassettes and printed reports, so as to prevent damage, theft or unauthorized access. ISO27002 recommends that documented procedures should be included in the ISMS as follows:
1. It should be required that the previous contents of any reusable media that are to be removed from the organization should be erased. The erasure must operate across the totality of the media, not simply across what appears to be the existing content, as otherwise there is a danger that information may leak to the outside world.
2. Authorization should be required for all media that are to be removed from the building, and an audit trail should be retained. Some media, such as back-up tapes,
1. Nature and role of private security officers
a. Security awareness
i. Private security officers and the criminal justice system
ii. Information sharing
iii. Crime and loss prevention
b. Legal aspects of private security
i. Evidence and evidence handling
ii. Use of force and force continuum
iii. Court testimony
iv. Incident scene preservation
v. Equal Employment Opportunity and diversity
vi. State and local laws
c. Security officer conduct
iii. Professional image
The need for data recovery is increasing this year. More and more company are prepared themselves against problem with data that need recovery activity to solved that problem. Attached below simple data recovery checklist that can be used to prevent the data loss problem.