-
Recent Posts
Recent Comments
“Christensen d… on Innovation Russell Doty on Building Successful Products Stephen John Smoogen on Building Successful Products Russell Doty on Building Successful Products Stephen John Smoogen on Building Successful Products Archives
- December 2019
- November 2019
- October 2017
- August 2017
- July 2017
- November 2016
- July 2016
- June 2016
- August 2015
- July 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
Categories
Meta
Monthly Archives: November 2014
Security Checklists and the US National Checklist Program
If you are going to perform a security audit you need a checklist. Let’s spend a minute on this. If you want a predictable outcome, you need a standard process β a standard set of steps to go through to … Continue reading
Posted in Security
Leave a comment
Availability of OpenLMI in Various Linux Distributions
A quick update on the availability of OpenLMI: I have tested Fedora, RHEL, CentOS, and OEL servers using the LMI CLI running on a Fedora system – the cross platform access works. Fedora Fedora is the primary development platform for … Continue reading
Posted in System Management
2 Comments
LISA’14 – Are We Making Linux Too Easy?
LISA’14, the Large Installation System Administration conference, was held in Seattle last week. I had the opportunity to give a talk on Server Management β if you are interested, the slides are available here. One of the questions caught me … Continue reading
Posted in System Management
8 Comments
Automation – a Security Imperative
So far we have established: Security Guides are a good idea and exist in almost all organizations. Security audits are good and widely used. Security guides are often poorly written, subject to interpretation, and difficult to apply. Security audits are … Continue reading
Posted in Security
Leave a comment
System Audits – There Has to be a Better Way!
We’re now at the point where we can discuss a system audit. We have defined what an audit is, what security requirements are, and what a security guide is. At the most basic level, a system audit involves examining a … Continue reading
Posted in Security
Leave a comment
High Level Requirements for a Security Guide
Let’s lay out some basic requirements for a security guide: The security guide must exist. It must be available, updated, and maintained. The security guide must incorporate relevant government and industry requirements. The security guide must be actionable. If it … Continue reading
Posted in Security
Leave a comment
What is a Security Guide?
In many cases a security guide is a binder full of often vague, occasionally overly specific and sometimes conflicting requirements. It has usually grown and evolved over a number of years and is written by and for people. Thus, many … Continue reading
Posted in Security
2 Comments