Category Archives: Procedures and Documentation

Sample Incident Response Plan

1)      The person who discovers the incident will call the grounds dispatch office. List possible sources of those who may discover the incident. The known sources should be provided with a contact procedure and contact list. Sources requiring contact information may be: a)      Helpdesk b)      Intrusion detection monitoring personnel c)      A system administrator d)     A […]

Posted in Procedures and Documentation | Comments closed

Network Diagram

Here is a very simple network diagram showing the physical connections from the internet to the various network segments. You will notice that there are 3 distinct zones, each separated from the others with a firewall. This is required by PCI standards. Only the DMZ should have direct access to and from the internet the […]

Also posted in PCI | Comments closed

Security Tasks Calendar

The following tasks should be conducted on a periodic basis. Probably the best way to do this is to setup appointments in your calendar software. Each time a task is completed it should be documented with a ticket in your ticketing system (for example Mantis) and signed off by at least two different parties.   […]

Also posted in PCI | Comments closed

Firewall Change Request Form

Change Number __________ Submitted By ____________ Signature ______________ Date _____________ Approved By ____________ Signature _______________ Date _____________ Implemented By ___________ Signature ______________ Date _____________ Source____________________ Destination____________________ Port____________________ Action____________________ Business Purpose____________________ For any insecure services, protocols, or ports please provide description of additional security controls put into place to mediate the risk. Examples of insecure services, protocols, […]

Also posted in PCI | Comments closed

Firewall Ruleset Documentation Spreadsheet

Audit Date ________________ Audited By ________________  Signature _________________ Approved By _______________    Signature __________________ No. Source Destination Port Action Business Purpose Change Request Number Mitigating Controls 1 Any www.domain.com(192.168.2.111) HTTP(80) Allow Allow outside computers to connect to webserver on port 80 1125 2 Any www.domain.com(192.168.2.111) HTTPS(443) Allow Allow outside computers to connect to webserver on […]

Posted in Procedures and Documentation | Comments closed

Firewall Security Standard

Firewalls must be placed at each Internet Connection and between the DMZ and  the internal network zone. The Security Officer must approve all changes made to the firewall. IT Admins are the only ones that shall have access to make changes to the firewall. All changes to the firewall must follow the Firewall Change Procedure […]

Posted in Procedures and Documentation | Comments closed

Firewall Change Procedure

Purpose This procedure documents the steps required to add/change/remove firewall rules, as well as any firmware or software running on the firewall itself. Scope This procedure applies to all firewalls under direct control of the organization. Background In compliance with security best practices and to ensure the security of both company and client data as […]

Posted in Procedures and Documentation | Comments closed