User:Gdestuynder/principles

Revision as of 18:52, 8 March 2017 by Gdestuynder (talk | contribs) (Created page)

STATUS: NOT READY

The goal of this document is to help operational teams agree on a basic set of principles to set expectations and give overall guidance to secure a service.

The Enterprise Information Security team maintains this document as a reference guide for operational teams.

Updates to this page should be submitted to the source repository on GitHub; the commit history records each change.


Least Privilege

Do not present unnecessary services

Do not grant or retain permissions if they're not actively used

Defense in Depth

Do not allow lateral movement

Patch Systems

Meet Web Standards

Encrypt sensitive data

Know Thy System

Audit and Logging

Are you at risk?

Inventory

Authentication and authorization

No authentication that isn't 2FA

No direct handling of user credentials

Centralize authentication and authorization

No reuse or sharing of credentials

Network identity is not authentication
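The last three principles above (centralize authentication, no direct handling of credentials, network identity is not authentication) are easiest to see side by side in code. The example below is added here and is not code from the original page: it contrasts a check that trusts where a request came from with one that trusts only a signed, expiring assertion from a central authentication service. The token format and the shared `CENTRAL_KEY` are assumptions standing in for whatever the real central service issues (a SAML assertion, an OIDC ID token); the service itself never sees a password.

```python
"""Authenticate by verifiable identity, not by network position.

Added example, not from the original page. The token format, the
central signing key and the header names are assumptions.
"""
import base64
import binascii
import hashlib
import hmac
import json
import time

# Assumed: the key the central authentication service signs tokens with.
# A real deployment would verify the central service's public key instead.
CENTRAL_KEY = b"constructed-demo-key-do-not-use"
INTERNAL_NETS = ("10.", "192.168.")


def authorize_by_network(remote_addr, headers):
    """Weak pattern: 'it came from the internal network, so it is trusted'.

    Both the source address (behind a proxy) and X-Forwarded-For are
    inputs the caller influences, so this check can be satisfied by
    anyone who can reach the service or send a header.
    """
    src = headers.get("X-Forwarded-For", remote_addr).split(",")[0].strip()
    return src.startswith(INTERNAL_NETS)


def _b64(data):
    return base64.urlsafe_b64encode(data).decode()


def issue_token(subject, ttl=300, now=None):
    """What the central auth service does after it has authenticated the
    user (with 2FA): sign (subject, expiry). Services never do this themselves."""
    now = int(time.time()) if now is None else now
    payload = json.dumps({"sub": subject, "exp": now + ttl}, sort_keys=True).encode()
    sig = hmac.new(CENTRAL_KEY, payload, hashlib.sha256).digest()
    return _b64(payload) + "." + _b64(sig)


def verify_token(token, now=None):
    """Service side: accept only a token signed by the central service and
    not yet expired. Returns the subject, or None on any failure."""
    now = int(time.time()) if now is None else now
    try:
        p64, s64 = token.split(".")
        payload = base64.urlsafe_b64decode(p64)
        sig = base64.urlsafe_b64decode(s64)
    except (ValueError, binascii.Error):
        return None
    expected = hmac.new(CENTRAL_KEY, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return None
    claims = json.loads(payload)
    if claims.get("exp", 0) <= now:
        return None
    return claims.get("sub")


def authorize_by_identity(headers, now=None):
    """Strong pattern: the only thing the service trusts is a valid token;
    the network path the request took is irrelevant."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return None
    return verify_token(auth[len("Bearer "):], now=now)


def forged_token(real_token, subject):
    """Constructed attack: reuse a real signature over a different subject."""
    sig64 = real_token.split(".")[1]
    payload = json.dumps({"sub": subject, "exp": 2 ** 31}, sort_keys=True).encode()
    return _b64(payload) + "." + sig64


if __name__ == "__main__":
    spoofed = {"X-Forwarded-For": "10.0.0.7"}
    print("network check, spoofed header:", authorize_by_network("203.0.113.5", spoofed))
    tok = issue_token("alice@example.com", now=1000)
    print("identity check, valid token:", authorize_by_identity({"Authorization": "Bearer " + tok}, now=1100))
    print("identity check, forged token:", authorize_by_identity({"Authorization": "Bearer " + forged_token(tok, "admin")}, now=1100))
```

The network check accepts a request from a public address as soon as it carries a forged `X-Forwarded-For`; the identity check rejects the same request, rejects an expired token, and rejects a token whose subject was altered, because the signature no longer matches. Everything the service needs is the central key (or public key) and the clock; it holds no user credentials and compares nothing with `==`.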