Industry Best Practices
Security is no different from any other industry. Steps and techniques are expected as a baseline best practice. This section looks at some of them.
Use a Change Control Process
As mentioned earlier in this chapter, a good change control procedure has an identified owner, a path for customer input, an audit trail for any changes, a clear announcement and review period, testing procedures, and a well-understood back-out plan. Change control manages the process from start to finish. We should also mention that changes are typically applied only during nonwork hours. If your current procedure lacks any of these, reconsider carefully before using it for deployment of updates.
Read All Related Materials
Before applying any ...
Get Network Security First-Step, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
