Abstract
Baselines have many different uses in Information Technology. The applications
include the use of baselines in anomaly-based intrusion detection systems to
identify behavior changes in the network. Baselines are also used in server
monitoring tools to detect changes that occur in system performance. This
research comprehensively addresses baselines as the minimal standardized level
of security in organizations.
Security baselines
The standardized minimum level of security with which all the systems in a
company must comply so as to protect its vital assets is referred to as a
security baseline. It is the plan that applies pieces of the trusted computing
base for each server role to computers. It is a detailed description of how to
configure and administer a computer. This lowest common denominator in
organizations is responsible for developing a firm and stable security
structure on which the company relies and builds its assurance. Each
organization has a security policy that defines its security baseline, and it
may include requirements such as operating system versions, patches/upgrades,
specific hardware components, service packs, configuration settings, add-on
applications, and service settings. For an organization to establish a security
baseline and implement security in an environment, it is essential to document
all aspects of the system, from the design to execution, tuning and securing.
The lack of sufficient system documentation results in major challenges in
securing the server. This problem arises because, to enhance security in a
system without adequate documentation, all the details regarding the operating
system, applications, updates, patches and hardware configuration must first be
discovered. However, with proper system documentation an IT security expert can
quickly make additions to the system without the need to reexamine the entire
environment.
Minimum security baselines offer an extensive, integrated set of controls that
are accepted by numerous enterprises for application in setting their
standards. Each organization has the responsibility of determining its required
level of security and thus could consider establishing its own minimum security
baselines. According to Stewart (2006), the following are the basic procedures
followed for developing a security baseline.
I. Eliminate all the unnecessary components in the system such as protocols,
services, applications, and hardware.
II. Update and patch the operating system as well as all installed
applications, protocols, and services.
III. Make secure configurations of all installed software.
IV. Impose restrictions on information distribution for the system, its active
services, and its hosted resources.
Secure baseline configuration for Linux servers
The following are some of the best practices that organizations must apply when
developing a reliable baseline for a Linux server:
a) Ensure strong protection of the root account by using a strong password.
b) Next, prevent CTRL+ALT+DEL from shutting down the computer. This
modification is performed by editing the inittab file in the /etc directory and
adding a "#" in front of the following line:
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
c) Next, cause the system to load the new setting by running the following from
the command prompt: /sbin/init q
d) Then, ensure you prevent unnecessary daemons from running. Daemons are
stored in the /etc/rc.d directory. The procedure for configuring the particular
daemons required to load is distribution-specific (Cole, Krutz & Conley, 2007).
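The check and edit from steps (b) and (c), as an added shell example that is not from the original paper or its cited sources. It assumes a SysV-style inittab (fields id:runlevels:action:process) and runs against a constructed sample file rather than /etc/inittab; the function names are illustrative.

```shell
#!/bin/sh
# inittab fields are id:runlevels:action:process; the CTRL+ALT+DEL trap is
# the entry whose action (third field) is "ctrlaltdel".

# Print every uncommented ctrlaltdel entry; exit status 0 if any exists.
ctrlaltdel_active() {
    awk -F: '
        /^[ \t]*#/ { next }                      # skip comment lines
        $3 == "ctrlaltdel" { print; found = 1 }
        END { exit found ? 0 : 1 }
    ' "$1"
}

# Comment out active ctrlaltdel entries, keeping a .bak copy for rollback.
disable_ctrlaltdel() {
    file=$1
    ctrlaltdel_active "$file" >/dev/null || return 0   # already compliant
    cp -p "$file" "$file.bak" || return 1
    awk -F: '
        !/^[ \t]*#/ && $3 == "ctrlaltdel" { print "#" $0; next }
        { print }
    ' "$file.bak" > "$file"
}

# Constructed sample inittab (not taken from a real host).
make_sample_inittab() {
    cat > "$1" <<'EOF'
id:3:initdefault:
si::sysinit:/etc/rc.d/rc.sysinit
# Trap CTRL-ALT-DELETE
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
1:2345:respawn:/sbin/mingetty tty1
EOF
}

# Demo on a temporary copy; on a real host the target would be /etc/inittab,
# followed by "/sbin/init q" (step c) so that init re-reads the file.
demo() {
    tmp=$(mktemp) || return 1
    make_sample_inittab "$tmp"
    disable_ctrlaltdel "$tmp"
    if ctrlaltdel_active "$tmp" >/dev/null; then echo "FAIL"; else echo "PASS: trap disabled"; fi
    rm -f "$tmp" "$tmp.bak"
}

demo
```

Running `ctrlaltdel_active` alone is a read-only compliance check, which suits periodic comparison of hosts against the baseline.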
All organizations must undertake a company risk assessment to ensure that a set
of controls capable of protecting the largest proportion of their systems is
identified. This strategy enables an organization to create the right set of
minimum security baselines by providing a robust foundation. At a high level,
the risk assessment evaluates the organization's assets that require protection
as well as the possible threats that would impact the operations and processes
of the company. The risk assessment then emphasizes determining the particular
controls necessary for providing adequate security to vital organization assets
irrespective of the existing controls. The application of the minimum security
baseline may frequently be assessed as part of the certification of each
system; however, it must continually be evaluated and updated on an
enterprise-wide basis. This is because various changes in the organization's
processing environment, enterprise function, user community, and operating
locations may also necessitate modifications in the minimum security baselines.
It is essential that security baselines are established for each computing
platform and are reviewed often when new releases of the standards become
available. This operation ensures that:
i. Baselines are kept up to date.
ii. Baselines are properly documented.
iii. Baselines are established for each operational platform such as UNIX,
Windows, Mainframe, RACF, Oracle, SQL database, network devices, and
virtualization servers.
iv. The baseline exceptions are approved by the management and are documented.
v. Baselines are tested before being rolled out to production.
vi. All devices are monitored and compared to the baseline.
vii. Quarterly reviews of compliance are conducted.
Importance of security baselines
The security baseline enhances the security of systems. The security baseline
sets several security settings in a system. However, they should all stay in
one place; otherwise, if an audit indicates that the settings vary, it
represents a conflict. The minimum security baseline also minimizes the cost of
ownership since the security settings are the same. In the case of, say, 50
different security settings, the security policy required for changing these
settings would be huge, and would require the configuration to be done
separately. The security baseline also enhances availability since, if the
systems have been configured the same, troubleshooting would be easy for the
help desk staff (Johnson, 2014).
Security baselines play a crucial role in enabling an efficient response to a
potential security threat. This is because security baselining establishes an
easy approach for capturing the existing system security configuration. In most
cases there is little need to capture the current security configuration since
the system was created from a standardized security baseline and adhered to all
strong change control measures. However, it is necessary to monitor the
system's security configuration periodically because all systems are vulnerable
to unauthorized modifications. It is also crucial to understand and capture all
authorized system modifications.
Minimum security baselines must be adopted by an organization so as to ensure
that the control requirements in that company are specified across the whole
control spectrum. The security baselines must always address the operational
controls, management controls, and technical controls. Organizations should
emphasize the importance of minimum security baseline cross-reference numbers,
since they form the basis for identifying controls as well as weaknesses in
other certification and accreditation documentation.
Conclusion
It is vital for every organization to assess its security needs and
requirements and consequently develop a secure baseline that effectively meets
them. A secure baseline in an enterprise entails the installation of the
operating system, configuring different operating system settings, applying
service packs and hotfixes, as well as properly documenting the security
baseline process. Security baselines provide numerous advantages to the
security of an organization as well as the protection of its vital assets,
hence the need for integration of the right security baseline and
implementation of periodic monitoring.
References
Cole, E., Krutz, R. L., & Conley, J. (2007). Wiley Pathways Network Security Fundamentals. John Wiley & Sons. pp. 201-284.
Johnson, R. (2014). Security policies and implementation issues. Jones & Bartlett Publishers. pp. 376-396.
Stewart, J. M. (2006). Security+ fast pass. John Wiley & Sons. pp. 103-134.
Sherry Roberts is the author of this paper.