provisioning is the set of all activities required to provide one or more new information services to a user or group of users.
At the heart of provisioning is the imperative to provide these services in a secure manner.
Asset Inventory
the most essential aspect of securing our information systems is knowing what it is that we are defending.
Tracking Hardware
The International Organization for Standardization published ISO/PAS 28000:2007 as a means for organizations to use a consistent approach to securing their supply chains.
The solution is to have a comprehensive monitoring process that actively searches for these devices and ensures compliance with your organization’s security policies.
Tracking Software
The solution to the software asset inventory problem is multifaceted. It starts with an assessment of the legitimate application requirements of the organization.
Here are some of the most widely accepted best practices:
-
Application whitelisting
-
Using Gold Masters
-
Enforcing the principle of least privilege
-
Automated scanning
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
