Information Assurance - System Security Operating Procedures (SOPs)

From Traditional Security

Part of Information Assurance - System Security SOPs

Associated with IA controls: PESP-1, DCSD-1

SV-41042r2_rule Information Assurance - System Security Operating Procedures (SOPs)

Vulnerability discussion

Failure to have documented procedures in an SOP could result in a security incident due to lack of knowledge by personnel assigned to the organization.

Check content

Check written SOPs for all systems, supporting infrastructure and physical facilities. Conduct a cursory review of the SOPs and as a minimum ensure the following areas are documented:

a. Handling of suspected system compromise or spillage
b. Information Operations Condition (INFOCON) procedures and policies
c. Procedures for eradication after an attack
d. Proper password management
e. Purging of storage media (disks, CDs, DVDs, drives, etc.) prior to turn-in or disposal
f. Remote diagnostic and maintenance approval and procedure
g. Out-processing and turn-in of equipment
h. Use of screensavers/Unattended terminals
i. Virus detection and scanning
j. In-processing and vetting of employees for systems access (proper investigation and security clearance)

NOTE: This requirement for on-hand SOPs should not be applied to a tactical environment, unless it is a fixed computer facility in a Theater of Operations. The standards to be applied for applicability in a tactical environment are:

1) The facility containing the computer room has been in operation over 1-year.
2) The facility is a "fixed facility" - a hard building made from normal construction materials - wood, steel, brick, stone, mortar, etc.
3) Procedures for field/mobile elements are still required and should be available at a supporting headquarters, either in Theater or perhaps even CONUS. These may be requested during pre-trip coordination or obtained after visiting the tactical AO.

Fix text

1. Security Operating Procedures (SOPs) for all systems, supporting infrastructure and physical facilities must be written.

2. The procedures must be readily available to both the Information Assurance Staff (IAM, IAO, SA) and all system users requiring information in the procedures to perform their jobs. Information can be placed in an Information System Users Guide (SFUG) and other applicable documents as appropriate. SOP availability must be on a site intranet, shared folders, WEB page, etc. for ease of reference by all employees - unless classified or otherwise requiring restricted access.

As a minimum the following areas must be documented:

a. Handling of suspected system compromise or spillage
b. Information Operations Condition (INFOCON) procedures and policies
c. Procedures for eradication after an attack
d. Proper password management
e. Purging of storage media (disks, CDs, DVDs, drives, etc.) prior to turn-in or disposal
f. Remote diagnostic and maintenance approval and procedure
g. Out-processing and turn-in of equipment
h. Use of screensavers/Unattended terminals
i. Virus detection and scanning
j. In-processing and vetting of employees for systems access (proper investigation and security clearance)
