RE: Allowing scanning from home

From: David Gillett (gillettdavid_at_fhda.edu)
Date: 10/28/04

    To: <ericaldrc51@netscape.net>, <security-basics@securityfocus.com>
    Date: Thu, 28 Oct 2004 12:39:49 -0700
    
    

      Your security staff should not be the only team that audits your
    network security, but trying to prohibit them from doing so doesn't
    sound productive. (I once worked for a company that didn't trust
    the IT security team to touch the machines of the top-level executives
    -- which meant, of course, that those became the least secure machines
    in the whole organization, when they were the most sensitive....)

      Your intrusion-detection escalation tree should include someone who
    is empowered to authorize scans as part of audit processes. Employees
    should obtain authorization from that person before performing such
    tests, just as outside security consultants would. (Depending on the
    scope of testing, it may not be useful to advise every part of the
    chain of an upcoming test, so that the escalation procedure also gets
    tested.)
      Authorization should routinely be granted, but exceptions may need to
    be made during periods of crucial business activity. When I've had such
    authority, I've added the requestor to a list of people I could call on
    as additional resources in the event of a security emergency.

    David Gillett

    > -----Original Message-----
    > From: ericaldrc51@netscape.net [mailto:ericaldrc51@netscape.net]
    > Sent: Thursday, October 28, 2004 11:05 AM
    > To: security-basics@securityfocus.com
    > Subject: Allowing scanning from home
    >
    >
    >
    > What's the group's consensus on allowing security staff to
    > scan the company's external interfaces from their home, to
    > get a true external assessment? I personally don't agree
    > with this for audit and other reasons. Just looking for some
    > other professional viewpoints. Thx.

