-
March 2nd, 2005, 05:24 PM
#1
Senior Member
Industry Best Practices: Information/Links?
Hello all-
In my short time as an IT Auditor, one of the main things auditees ask for (besides wondering if I am human) is industry best practices that would assist them in complying with our corporate policies and standards while at the same time allowing them to avoid having to recreate the wheel (oh yes a cliche). Anyway - I was going to suggest some information, and googled some more information, but I thought to also ask here and post what I have found so far. Would anyone have any thoughts on this? I was also going to suggest this community, however many of the auditees may not be an immersed in the technology as many of us are. Then again, and most likely, I am incorrect - so please let me know if there have been best practices already published here. The other reason in posting these is part "trust but verify" in that - just because the below are toted as "best practices" I wanted to run it by this community for verification.
I am looking for best practices for security (workstation, server, network, etc.) along with DRP/BCP. Also as an FYI - I also found sites that cost quite a bit to offer best practices - one item for security cost @$350 for one whitepaper. I will post the free ones I find and ask for others as well. I will also post the sites that are pay-for and mark them as such. Here is what I have so far:
Disaster Recovery Planning (DRP)/Business Continuity Planning (BCP)
Link verified:03MAR2005:Cisco -DRP-Whitepaper: http://www.cisco.com/warp/public/63/disrec.html#topic1
Link verified:03MAR2005:South Carolina Govt DRP Best Practices: http://www.cio.sc.gov/SCEA/DisasterR...tPractices.pdf
Security: General
Link verified:03MAR2005:MOREnet Security Best Practices: http://www.more.net/security/best/index.html
Link verified:03MAR2005:System Experts Tutorials: http://www.systemexperts.com/tutorial.html
Security: Databases
Link verified:03MAR2005:SQL Server Security: http://vyaskn.tripod.com/sql_server_..._practices.htm
Link verified:03MAR2005:Microsoft SQL Server Security: http://www.microsoft.com/technet/pro...ec04.mspx#EDAA
Security: OS/OE
Link verified:03MAR2005:Red Hat/Fedora: http://lwn.net/Articles/123073/
Link verified:03MAR2005:CERT Security Improvement Modules: http://www.cert.org/security-improvement/
Security: Networks
Link verified: 03MAR2005:Cisco Networks: http://www.cisco.com/warp/public/126/secpol.html
There is a lot more that I found that I will update if deemed worthy here and look forward to seeing other information/links I have not found yet.
TIA.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|