Chapter 8. The Puzzle in Action
In the simplest form, everything with computers can be broken down into 1's and 0's. Similarly, computer security initiatives should always be able to be broken down into their simplest form, policies. Policies identify what is authorized and what is not, assign organizational responsibilities, communicate acceptable levels of risks, and much more. The policies may be expanded in the form of procedures, which provide the step-by-step guidelines for putting the policies into action. From there, it's a matter of implementing and configuring systems appropriately, purchasing and adding security tools to monitor and safeguard the systems, and training and authorizing end users to use the resources appropriately.
Get Effective Incident Response Team, The now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
