IT Best Practices for Community Colleges Part 3: Configuration Management 2010
Donald Hester, March 30, 2010
“The management of security features and assurances through control of changes made to hardware, software, firmware, documentation, test, test fixtures, and test documentation throughout the life cycle of an information system.”
• National Information Systems Security Glossary
Control Objectives for Information and related Technology (COBIT)
Information Technology Infrastructure Library (ITIL)
International Standards Organization (ISO)
National Institute of Standards and Technology (NIST)
80% of IT systems outages are caused by operator and application errors.
1 admin for every 100 servers
More planned work than unplanned work
More staff early in lifecycle
Collaboration
Posture of compliance (IT standards)
Culture of change management
Understand causality
Manage by facts

Configuration Management
Change Management
Release Management
Incident Management
Problem Management
Benefits of Configuration Management
Good CM does not increase workload; it decreases it
Fewer Incidents
Greater Return on Investment (ROI)
Faster Recovery (MTTR)
Improve IS quality
Improve IT service
Configuration identification
• Baseline, gold standard
Configuration control
• Change management, change control
Configuration status accounting
• Enforcement
Configuration audits
• Testing
Configuration Management Database (CMDB)
A repository of information related to all the components of an information system
• Configuration files
• Group Policy settings
• Image files for operating systems
Details about the important attributes and relationships between them
Develop, disseminate, and review/update
A documented configuration management policy
Addresses purpose, scope, roles, responsibilities, management commitment, coordination among organizational entities, and compliance
Develop, document, and maintain under configuration control, a current baseline configuration
• Images
• Builds
• CMDB
• Configuration files
• GPO (Group policy objects)
A place to start
• Federal Desktop Core Configuration (FDCC)
• CIS Benchmarks
Modify based upon your needs
• You may have different configurations for different workstations
• Compatibility issues
• Interoperability issues
Determine the types of changes to the information system that are configuration controlled
Approve configuration-controlled changes
Coordinate and provide oversight for configuration change control activities
Document approved configuration-controlled changes
Analyze changes to the information system to determine potential security impacts prior to change implementation
• Confidentiality
• Integrity
• Availability
• Interoperability
• Compatibility
Define, document, approve, and enforce physical and logical access restrictions associated with changes to the information system
• Limit who can make changes
• This means no local admins
• Automate if possible
Configure the information system to provide only essential capabilities and specifically prohibit or restrict the use of functions, ports, protocols, and/or services
• If it is not needed, why have it?
Develop, document, and maintain an inventory of information system components
• Accurately reflect the current system
• At a level of granularity deemed necessary
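
An added example (not part of the original slides) of the configuration audit described above: a host's observed settings and listening ports are compared with an approved baseline, flagging drift and anything that is not an essential capability. The setting names, account names, ports and sample data are constructed for illustration.

```python
# Added example: audit a host's observed state against an approved baseline.
# All setting names, accounts, ports and values are constructed for illustration.

BASELINE = {
    "settings": {"password_min_length": 12, "screen_lock_minutes": 15,
                 "local_admins": ["it-deploy"]},
    "allowed_listeners": {("tcp", 22), ("tcp", 443)},
}

OBSERVED = {  # constructed sample of what an inventory scan might return
    "settings": {"password_min_length": 8, "screen_lock_minutes": 15,
                 "local_admins": ["it-deploy", "jsmith"]},
    "listeners": {("tcp", 22), ("tcp", 443), ("tcp", 23), ("udp", 161)},
}


def audit(baseline, observed):
    """Return a sorted list of (kind, item, expected, actual) findings."""
    findings = []
    for key, expected in baseline["settings"].items():
        actual = observed["settings"].get(key)  # None means the setting is absent
        if actual is None:
            findings.append(("missing_setting", key, expected, None))
        elif actual != expected:
            findings.append(("drift", key, expected, actual))
    # Settings present on the host but never baselined are uncontrolled changes.
    for key in observed["settings"].keys() - baseline["settings"].keys():
        findings.append(("unbaselined_setting", key, None, observed["settings"][key]))
    # Least functionality: anything listening that was not approved.
    for proto, port in observed["listeners"] - baseline["allowed_listeners"]:
        findings.append(("unapproved_listener", f"{proto}/{port}", None, "open"))
    return sorted(findings, key=lambda f: (f[0], f[1]))


def is_compliant(baseline, observed):
    """True only when the audit produces no findings."""
    return not audit(baseline, observed)


if __name__ == "__main__":
    for kind, item, expected, actual in audit(BASELINE, OBSERVED):
        print(f"{kind:20} {item:22} expected={expected!r} actual={actual!r}")
```
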
There is no compulsory IT standard required for local governments
The National Institute of Standards and Technology (NIST) encourages state, local and tribal governments to consider the use of these guidelines, as appropriate
In adopting NIST standards the local government demonstrates due diligence
• NIST Special Publication 800-128 [when finalized]
• NIST Special Publication 800-53 Rev. 3
• NIST Special Publication 800-37 Rev. 1
• Federal Desktop Core Configuration (FDCC)
From the IT Process Institute, ISBN: 0-9755686-1-2
Institute of Configuration Management
• http://www.icmhq.com/
NIST (FDCC)
• http://nvd.nist.gov/fdcc/index.cfm
Center for Internet Security (CIS) Benchmarks
• http://cisecurity.org/
IT Governance Institute (ITGI)
• http://www.itgi.org/
Donald E. Hester
CISSP, CISA, CAP, MCT, MCITP, MCTS, MCSE Security, Security+
Maze & Associates
@One / San Diego City College
www.LearnSecurity.org
http://www.linkedin.com/in/donaldehester
http://www.facebook.com/group.php?gid=245570977486