Information Security Best Practices: 205 Basic Rules

Section 17: Maintenance and Troubleshooting Security Rules

Once your information security system is in place and operating effectively, the main focus turns to maintenance and troubleshooting, areas which can also lead to security problems. This section addresses the most important rules for handling regular maintenance and for troubleshooting any problems that arise.

INFOSEC Best Practice #176

All users who perform maintenance operations on a computer must keep a written log of activity.

Maintenance performed on hardware or software must be recorded in a logbook or computer file. Modifications, patches, and updates to the system may inadvertently open security holes, and a logbook may provide a clue to the problem. The biggest problem in keeping a logbook is ensuring that system administrators, network administrators, and computer maintenance personnel actually keep the log current. Keeping a log is a best practice that makes it easier to solve problems.

INFOSEC Best Practice #177

Keep up to date with security information about new vulnerabilities in current operating systems and software.

Security can be increased by installing software patches that fix security vulnerabilities. Software vendors post patches for known security flaws and bugs on their websites. Download these patches regularly and keep your system updated. Read all CERT advisories and consider subscribing to security and hacker magazines. See Appendix A for incident response centers, security websites, and security mailing lists.

INFOSEC Best Practice #178

Keep up to date with newly released security software that may enhance security.

There is a constant stream of new software packages that...