Windows security assessment Step 5

Keep security-related problems to a minimum in your Windows shop by setting security assessment expectations

Finally, don't let all your work and all the time and input that others provide be all for nothing. Tell the key players how things ended up, what you found and what the next steps should be. If it makes sense, send them a copy of your test data or final report. This will help you gain their respect and get their buy-in when the time comes for your next security assessment. When the next round of testing returns, try integrating these steps more and more.

Be patient, keep others involved and set their expectations. Doing the right things will surely lead to improvements in your security testing program.


Setting your Windows security assessment expectations

 Home: Introduction
 Step 1: Determine the business goals
 Step 2: Get input and information from others
 Step 3: Let everyone know that problems will likely occur
 Step 4: Let your testing be known and keep people in the loop
 Step 5: Report what happened

About the author: Kevin Beaver is an independent information security consultant, speaker and expert witness with Atlanta-based Principle Logic LLC. He has more than 19 years of experience in IT and specializes in performing information security assessments involving compliance and IT governance. Kevin has authored/co-authored six books on information security including Hacking For Dummies and Hacking Wireless Networks For Dummies (Wiley) as well as The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He also created the Security On Wheels series of audiobooks. Kevin can be reached at kbeaver@principlelogic.com.

This was last published in March 2007

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close