This case study describes the procedures used to improve computer security within my department by following the principles of defense in depth. It presents a step-by-step approach for improving security by defining risks, assessing vulnerabilities, and implementing measures to reduce the likelihood that those vulnerabilities may be exploited. Finally, the study describes what effect the measures had on overall system security once they were in place. A limited risk assessment was performed to define the department's threats; these were evaluated against the SANS Top 20 List. The assessment was used to identify three areas of security that warranted closer examination: password management, Windows workstation security (hardening), and Windows patch management. Password management issues were addressed by forcing strong passwords at the workstation level using Novell's single sign-on technology. Windows security was addressed using custom security templates and the Microsoft Security Configuration and Analysis tool. Patch management was addressed using the Windows Automatic Updates feature and verified using Microsoft's Qfecheck utility. Finally, methods including password auditing, port scanning, and patch auditing were used to monitor the impact of the new key measures.