What needs to be secure?
How to determine what is necessary.
What are the risks if it goes wrong?
How to ensure the site is secure
Looking at the steps that need to be taken to ensure that all the areas mentioned below are covered.
Testing for security
Easy, inexpensive testing
Obtrusive testing
Vulnerability testing
Penetration tests
ISO 17799
Logical & physical security
Roles
Logical access to the system
Passwords
Data & encryption
Servers
Cameras
Biometrics
Internal & external security
Determining the measures needed to ensure that systems and data are safe and that processes are in place to monitor and test security.
Ensuring roles are properly set up and maintained
Access controls
Vulnerability tests
Penetration tests
Processes and procedures
Are procedures laid down to cope with all the security items above?
Are procedures in place to cope with any security problems?
Are role changes handled correctly?