Legally Defensible Security
An organization's security needs to be legally defensible. When something bad happens and you want to obtain legal restitution, you need to demonstrate three things:
- that a crime was committed;
- that the suspect committed that crime; and
- that you took reasonable efforts to prevent the crime.
You need to convince a court that the log files are accurate and that no one other than the suspect could have committed the crime; otherwise you will not obtain restitution.
Requirements for complete security
- strong multifactor authentication techniques,
- solid authorization mechanisms, and
- impeccable auditing systems.
In addition, you must be able to prove that
- the organization complied with all applicable laws and regulations,
- proper warnings and notifications were posted,
- both logical and physical security were not otherwise compromised, and
- there are no other possible reasonable interpretations of the electronic evidence.
Reference:
Mike Chapple. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide.