Introduction to NonStop Operations Management
Security Management
Introduction to NonStop Operations Management–125507
Check List
The following check list summarizes the main points of security planning:
1. Develop a security policy for your organization.
2. Educate the user community and the operations staff about security and their
responsibilities for protecting the system.
3. Designate a security administrator and a security administration team to manage
security. Set up check lists for the administrator and team members.
4. Maintain physical security:
• Limit access to the computer room (if applicable).
• Protect the computer cabinets and tape units from accidental damage and
deliberate malicious acts.
• Protect the tape library from intruders accessing previous backup tapes.
• If your printers print sensitive information, make sure that each piece of output
is delivered to its proper recipient.
• Protect on-site and off-site media storage from intruders. Keep transaction logs
for all transactions. Create clear hand-over procedures between the storage-area
staff and other staff.
• Determine if you need to encrypt data.
5. Establish guidelines for managing user IDs, including guidelines for:
• Assigning groups.
• Using Safeguard access-control lists (ACLs).
• Preventing shared user IDs.
• Preventing multiple user IDs for one person.
• Using the special IDs (the super ID [255,255], super-group user [255,n], and
group manager [n,255]) and the procedures for monitoring and assigning these
IDs.
6. Establish guidelines for managing passwords:
• Require strong passwords.
• Establish unexpected initial passwords.
• Enforce routine password changes.
• Teach users how to protect their passwords.
7. Establish guidelines for dial-up access. To protect your dial-up facility, use
authorization lists, additional external passwords, callback systems, and automatic
terminal authentication. In addition, periodically change passwords and telephone
numbers.
8. Secure network access: