Difference between revisions of "All n One - Departments - Security"
From All n One's bxp software Wixi
(→Week 1: Maintenance) |
(→Week 2: Training) |
||
| Line 37: | Line 37: | ||
The generation of self-development and company training from breaking industry news articles and new industry learning identified from work in all areas. | The generation of self-development and company training from breaking industry news articles and new industry learning identified from work in all areas. | ||
| − | + | This process involves reviewing the latest aspects in IT security from online sources and reviewing how to mitigate against the latest threats. | |
== Week 3: Review == | == Week 3: Review == | ||
Revision as of 12:43, 30 April 2015
Contents
1 Intro
So what does the All n One Security Department actually do?
They provide security, update and validate processes and procedures (including business continuity / disaster recovery).
2 Primary Weekly Program Focus
Of a year there 52 weeks. Breaking these into 13 rotations of 4 weeks.
2.1 Week 1: Maintenance
Monthly maintenance on all aspects of all infrastructure.
The infrastructure is viewed in depth to spot changes and possible shifts in data. These findings are documented and held to be compliant with ISO27001/COBIT processes. These checks include:
Disk Space, Back-ups stored, Anti-Virus Checks, System optimisation software check, Spyware Scan, Windows Update Checks, Installed program review.
2.2 Week 2: Training
The generation of self-development and company training from breaking industry news articles and new industry learning identified from work in all areas.
This process involves reviewing the latest aspects in IT security from online sources and reviewing how to mitigate against the latest threats.
2.3 Week 3: Review
Formal security review of specific / general aspects of BeX for circulation to clients. Where possible review to outsource or automate the mundane / repetitive tasks.
2.4 Week 4: Documentation
Internal write ups for Wixi or internal process / procedure improvement.
3 Daily Breakdown Focus
Variable is for operational overflow, quality assurance of new solutions, potential security review of new code, review of security of implementations.
Program is for the "Primary Weekly Program Focus" as discussed above.
4 Daily Hour Schedule (1)
- Backup: Did the backups run, review the sizes and make recommendations
- Scheduled Tasks: Did the tasks actually run and for failures make recommendations
- Space: Ensure we have space, on all drives, internally and externally. Trend growth. Make recommendations where necessary.
- Log Review: A number of devices and services have logs. Build the repository, trend and make recommendations where necessary.
- Hamster Review: Locate exceptions and make recommendations where necessary.
5 Rotating Daily Schedule (2)
- Web: The web servers of BeX. Reviewing logs, setup and configurations with a reporting, 404 and customisation perspective.
- Db: The database servers of BeX. Ensuring efficiency, slow log review, security and performance reviews.
- Client: BeX Client and Configuration review. Examine client set ups and make recommendations where required. Developing a client rotation.
- Office: The All n One offices in Ballymount. All aspects of security, backup and infrastructure and its security.
6 Strategic Deliverables
Identify and incorporate industry best practices in collaboration with all departments.
Work into all aspects of operations:
- ISO 270001
- ENISA
- Data Protection
- PCI DSS
Defining and refining All n One Security and Infrastructure processes and procedures
Assistance in defining and refining company SLAs
