Difference between revisions of "Security Appendix"
(→Commitments of confidentiality of the collaborators) |
(→Employee access control measures to the information system (authentication using identifiers, strong passwords)) |
||
Line 23: | Line 23: | ||
[https://docs.google.com/document/d/1ipbV1zPnUtkQxCJl4bjtQLeFvnwPAvoTPuKrj5Arzts/edit?usp=sharing Remote access policy] | [https://docs.google.com/document/d/1ipbV1zPnUtkQxCJl4bjtQLeFvnwPAvoTPuKrj5Arzts/edit?usp=sharing Remote access policy] | ||
− | [https://docs.google.com/document/d/1rXlOsyFSbtK4IVAQWdpBwRTw-FtWtpbdg2RcW55ouvA/edit?usp=sharing | + | [https://docs.google.com/document/d/1rXlOsyFSbtK4IVAQWdpBwRTw-FtWtpbdg2RcW55ouvA/edit?usp=sharing Password policy] |
== Traceability of connections and actions== | == Traceability of connections and actions== |
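Review bot: the Password policy link labelled on line 23 points at the document's `/edit?usp=sharing` URL, as does the Remote access policy link above it. For policies referenced from a security appendix, confirm that the share setting behind these URLs is view-only, or link a read-only or published form of the document, so that following the link does not open the policy text for editing. Separately, the context heading `== Traceability of connections and actions==` lacks the space before its closing `==`; worth tidying in the same edit.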
Latest revision as of 17:01, 24 July 2019
Commitments of confidentiality of the collaborators
Employees are expected to sign the confidentiality statement at the very beginning of their journey.
Protection measures for applications and servers
Applications: Access control policy & Policy for IT Asset Management
Server & network services:
User guidelines (policy) for accessing Officience network services: Network access guideline
Security controls implemented to protect servers & network services: Network access control - implementation
Vulnerability scanning & management for the information infrastructure (servers, desktops, network devices, web applications, ...): Vulnerability Management Policy
Security incidents management: Security Incident Response Policy
Employee access control measures to the information system (authentication using identifiers, strong passwords)
Traceability of connections and actions
Log Collection
At Officience, we run a central log system (Logstash + Elasticsearch + Kibana) to collect activity logs from information facilities. It includes:
- Web server & application access logs
- Linux server access/system logs
- Windows server access logs
- Firewall access/activity logs
Log servers are protected and can be accessed only from ITS desktops and from IP addresses for which ITS has approved and opened an access rule.
We can track the following in the audit log:
- User ID
- Dates, times, details of the events
- System identity and location
- Network address & protocol
- Successful or unsuccessful access attempts
- Use of privileges
Log Review: daily, monthly & on-demand
Logs are kept on an Elasticsearch cluster that supports failover. They are stored as daily indices, and we keep them for a minimum of 6 months.
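The retention rule above (daily indices, kept for at least 6 months) can be checked mechanically. The following is an added example, not Officience's own tooling; it assumes Logstash's default `logstash-YYYY.MM.DD` index naming and treats 6 months as 183 days.

```python
import re
from datetime import date, timedelta

# Assumption: Logstash's default daily index naming, logstash-YYYY.MM.DD.
INDEX_RE = re.compile(r"^logstash-(\d{4})\.(\d{2})\.(\d{2})$")
RETENTION_DAYS = 183  # assumption: "6 months" taken as 183 days


def parse_index_day(name):
    """Return the date encoded in a daily index name, or None."""
    m = INDEX_RE.match(name)
    if not m:
        return None
    try:
        return date(*map(int, m.groups()))
    except ValueError:  # well-formed name, impossible date (e.g. 02.30)
        return None


def audit_retention(index_names, today, retention_days=RETENTION_DAYS):
    """Return (missing, expired) for the minimum retention window.

    missing: days inside the window that have no index (a retention gap)
    expired: index names older than the window (candidates for deletion)
    """
    by_day = {}
    for name in index_names:
        day = parse_index_day(name)
        if day is not None:
            by_day[day] = name
    start = today - timedelta(days=retention_days)
    # Today's index may not exist yet, so the window ends yesterday.
    window = [start + timedelta(days=i) for i in range(retention_days)]
    missing = [d for d in window if d not in by_day]
    expired = sorted(n for d, n in by_day.items() if d < start)
    return missing, expired


if __name__ == "__main__":
    # Constructed sample: 189 daily indices with one day deleted.
    today = date(2019, 7, 24)
    names = [f"logstash-{today - timedelta(days=i):%Y.%m.%d}" for i in range(1, 190)]
    names.remove("logstash-2019.07.14")
    missing, expired = audit_retention(names + [".kibana"], today)
    print("gaps:", [d.isoformat() for d in missing])
    print("past retention:", expired)
```

The index names can be taken from Elasticsearch's `_cat/indices` listing; a non-empty `missing` list means the 6-month minimum is not being met for those days.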
Server clocks are synchronized with an NTP server. Desktop clocks are synchronized with the Windows AD server.
We run a Nagios monitoring system to monitor the use of the information systems and send alerts to our support team as soon as issues occur. It includes:
- Monitor the running of servers, firewalls, applications
- Monitor WAN interface
- Monitor the use of running systems (CPU load, hard disk, ...)