Sunday, September 13, 2009

More on Locking Down Your Switch.....

In my last post I talked about the importance of locking down (disabling) physical access on your network switches to only those with authorized access. I discussed how, along with being a best practice, it is also a requirement of such standards as PCI DSS and ISACA.

Let's add another standard to that list today and that's NERC. Indeed, NERC CIP 007-1: R2 states that "The Responsible Entity shall establish and document a process to ensure that only those ports and services required for normal and emergency operations are enabled."

More to come.....


Post a Comment

<< Home