Hello all,
In this post I will go over what I think should be part of every business's security process.
What is establishing a baseline?
The purpose of establishing a baseline is to know what is normal and what is not normal activity on your network.
For example, if you have a website, www.mysite.com, you should know how much traffic your site gets,
how many logins it sees a day, and how much server resources are needed to run it.
This helps with both security and troubleshooting. For example:
your site is really slow, you check your server's logs, and you see 100+ logins per hour and high CPU usage.
If you have no baseline, what do you compare that to? Is this simply regular traffic and your server needs to be upgraded, or are you being attacked?
Without a simple baseline you would never know.
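An added example (not part of the original post) of the comparison described above: it builds a per-hour login baseline from past counts and judges a new count against it. The sample counts, function names and the 3.5 cutoff are assumptions made for illustration.

```python
from statistics import median

# Constructed sample data: logins seen during the same hour of day on 14
# earlier days. Real numbers would come from your own server logs.
HISTORY = {
    9: [22, 25, 19, 24, 27, 21, 23, 26, 20, 24, 22, 25, 23, 21],
    14: [31, 28, 35, 30, 33, 29, 32, 34, 30, 31, 27, 33, 30, 32],
}

def build_baseline(history):
    """Return {hour: (median, MAD)}; MAD = median absolute deviation."""
    baseline = {}
    for hour, counts in history.items():
        med = median(counts)
        mad = median(abs(c - med) for c in counts)
        baseline[hour] = (med, mad)
    return baseline

def assess(baseline, hour, observed, threshold=3.5):
    """Compare one hourly login count with the baseline for that hour.

    threshold is an assumed cutoff; tune it to your own traffic.
    """
    if hour not in baseline:
        # The post's point: with no baseline there is nothing to compare to.
        return ("no-baseline", None)
    med, mad = baseline[hour]
    # 0.6745 makes the score comparable to a z-score; the floor of 1.0
    # avoids dividing by zero when every historical count is identical.
    score = round(0.6745 * (observed - med) / max(mad, 1.0), 2)
    if score > threshold:
        return ("above-baseline", score)
    if score < -threshold:
        return ("below-baseline", score)
    return ("within-baseline", score)

if __name__ == "__main__":
    baseline = build_baseline(HISTORY)
    for hour, observed in [(9, 26), (9, 100), (3, 100)]:
        print(hour, observed, assess(baseline, hour, observed))
```

A count flagged as above-baseline does not say whether the cause is growth or an attack; it tells you the hour is worth a look at the logs.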
A baseline also means rolling out servers and network equipment with a security configuration that adheres to security best practices.
For example, Microsoft has a tool called MBSA, the Microsoft Baseline Security Analyzer. This tool makes sure
your servers are configured to meet the security needs of your servers and your clients,
making sure your systems are patched and are following best practices for password security.
How else can you establish a baseline?
1.) Check your servers and network equipment regularly for trends in activity.
2.) Keep a minimum security baseline by following security best practices, e.g. passwords with at least 8 characters.
3.) Run automated tools like Microsoft Baseline Security Analyzer for your Windows servers.
These are just some examples.
You can also reference this document by NIST, http://csrc.nist.gov/publications/nistpubs/800-27A/SP800-27-RevA.pdf
which recommends other ways to establish a baseline security policy.
So all in all, remember that maintaining a baseline is just as important as the firewall you rely on to
secure your network.
That’s all for this article.
If you have any comments or suggestions, please let me know!
As always, stay secure!!!