Computer Security - Checklist


Advertisements

In this chapter, we will discuss on an advanced checklist that we will use in order to educate users and IT staff too, when it comes to any security issues, they should come as natural expressions.

Based on all the chapters and especially on the security policies, the following table has a list of checklist that touches most of the components that have been discussed in this tutorial.

Checklist Status of task
Server Room
Server rack installed properly
Air conditioning present
Temperature monitoring and alarm system is in place
Automatic smoke/fire detection is available
Water entry prevention detector is available
Fire extinguisher is in place
Local LAN wiring is done properly
Business Critical Services
Redundant power supplies are available
RAID systems are available
UPS systems are in place
Emergency systems are in place
Documentation is up to date
Professional support is provided
SLAs are signed
Emergency plan is prepared
Business Internet Account
Redundant lines
Insurance for ICT equipment is available
Information Systems
Server is installed according to the Setup Policies Manuals
Standard GPOs are configured on the Server
System security is done
System documentation is up-to-date
Data backup is configured properly and done regularly according to backup policies
To check proper naming of all computers, network devices to be in line with IT Policy
Standard Whitelist Software to be aligned on all PCs
All PCs in domain system
Administrator privileges are taken from computer users
Program privileges are on minimum needed level
Information Security
Identity and access management is configured
Data access possibilities are minimized to needed level
Virus protection software is installed on each PC
Human Factor
ICT System and email Usage Policy is rolled-out (should be checked as per the disciplinary safeguards)
Staff awareness training is provided regularly
Responsibilities are documented
Maintenance of Information Systems
Security updates are installed on all PC’s
ICT internal alert and notification system is configured
Security update action plan is done
Security update roll out plan is in place
General
Network IP address schema are in line
Network Security
Firewall access rules and open ports are compliant with the firewall policy
Protection of sensitive information is in place
Restriction of communication services is enabled
VPN is configured properly with the partners
WLAN security is enabled on all WIFI devices
Limited internet access is configured
BYOD regulations are implemented
Network Management
Bandwidth Management System is configured
Network Monitoring System is available
DRP files are up to date

Please keep in mind that this list can be modified according to your company needs and staff too.

Advertisements