Tuesday 13 August 2013

Secure Environment for Security Guard

You must clearly define personnel management practices in your security policy and subsequent formalized security structure documentation. Personnel management focuses on three main areas: hiring practices, ongoing job performance, and termination procedures.
Understand antivirus management.
Antivirus management includes the design, deployment, and maintenance of an antivirus solution for your IT environment.
Know how to prevent unrestricted installation of software.
To provide a virus-free environment, you should rigidly control the installation of software. This includes allowing users to install and execute only company-approved and company-distributed software as well as thoroughly testing and scanning all new software before it is distributed on a production network. Even commercial software has become an inadvertent carrier of viruses.
Understand backup maintenance.
A key part of maintaining the availability and integrity of data is a reliable backup of critical information. Having a reliable backup is the only form of insurance that the data on a system that has failed or has been damaged or corrupted is not permanently lost.
Know how changes in workstation or location promote a secure environment.
Changes in a user's workstation or their physical location within an organization can be used as a means to improve or maintain security. Having a policy of changing users' workstations prevents them from altering the system or installing unapproved software and encourages them to keep all material stored on network servers where it can be easily protected, overseen, and audited.
Understand the need-to-know concept and the principle of least privilege.
Need to know and the principle of least privilege are two standard axioms of high-security environments. To gain access to data or resources, a user must have a need to know. If users do not have a need to know, they are denied access. The principle of least privilege means that users should be granted the least amount of access to the secure environment that still allows them to complete their work tasks.
Understand privileged operations functions.
Privileged operations functions are activities that require special access or privileges to perform within a secured IT environment. For maximum security, such functions should be restricted to administrators and system operators.
Know the standards of due care and due diligence.
Due care is using reasonable care to protect the interest of an organization. Due diligence is practicing the activities that maintain the due care effort. Senior management must show reasonable due care and due diligence to reduce their culpability and liability when a loss occurs.
Understand how to maintain privacy.
Maintaining privacy means protecting personal information from disclosure to any unauthorized individual or entity. In today's online world, the line between public information and private information is often blurry. The protection of privacy should be a core mission or goal set forth in the security policy of an organization.
Know the legal requirements in your region and field of expertise.
Every organization operates within a certain industry and country, both of which impose legal requirements, restrictions, and regulations on its practices. Legal requirements can involve licensed use of software, hiring restrictions, handling of sensitive materials, and compliance with safety regulations.
Understand what constitutes an illegal activity.
An illegal activity is an action that violates a legal restriction, regulation, or requirement. A secure environment should provide mechanisms to prevent illegal activities from being committed and the means to track illegal activities and hold the individuals perpetrating the crimes accountable.
Know the proper procedure for record retention.
Record retention is the organizational policy that defines what information is maintained and for how long. In most cases, the records in question are audit trails of user activity. This can include file and resource access, logon patterns, email, and the use of privileges.
Understand the elements of securing sensitive media.
Managing information and media properly, especially in a high-security environment where sensitive, confidential, and proprietary data is processed, is crucial to the security and stability of an organization. In addition to media selection, there are several key areas of information and media management: marking, handling, storage, life span, reuse, and destruction.
Know and understand the security control types.
There are several methods used to classify security controls. The classification can be based on the nature of the control (administrative, technical/logical, or physical) or on the action or objective of the control (directive, preventive, detective, corrective, and recovery).
Know the importance of control transparency.
When possible, operations controls should be invisible or transparent to users to prevent users from thinking security is hampering their productivity. Likewise, the less users know about the security of the system, the less likely they will be able to circumvent it.
Understand how to protect resources.
The operations controls for resource protection are designed to provide security for the IT environment's resources, including hardware, software, and data assets. To maintain confidentiality, integrity, and availability of the hosted assets, the resources themselves must be protected.
Be able to explain change and configuration control management.
Change in a secure environment can introduce loopholes, overlaps, misplaced objects, and oversights that can lead to new vulnerabilities. Therefore, you must systematically manage change by logging, auditing, and monitoring activities related to security controls and security mechanisms. The resulting data is then used to identify agents of change, whether they are objects, subjects, programs, communication pathways, or even the network itself. The goal of change management is to ensure that any change does not lead to reduced or compromised security.
Understand the trusted recovery process.
The trusted recovery process ensures that a system is not breached during a crash, failure, or reboot and that every time one of these occurs, the system returns to a secure state.

