Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· Directory
· Downloads
· FAQ
· Forums
· Search
· Sox_Admin
· Statistics
· Submit News
· Surveys
· Top 10
· Your Account

Sarbox Compliance
The appropriately named Sarbanes-Oxley Compliance Toolkit includes a whole range of materials specifically put together to both introduce, and take you through this most important of legislation.

For detailed information see the toolkit's own website: Sarbanes-Oxley Compliance


SOX Act and Security
As security is such a major theme on the Act, many organizations are using the international ISO standards. The ISO 27001 Portal outlines these. A copy of the standards, and security policies, can be obtained via the ISO 17799 Toolkit.

The SOX email storage requirements can be fulfilled using the GFI MailArchiver


SOX Advertisers


Sarbanes What?
Our server logs indicate some interesting mis-spellings: Sarbannes Oxley, Sorbane Oxley, Sarbanne Oxley, Sarbaines Oxley, Sarbanesoxley, Sorbanes Oxley, Sabanes Oxley, Sarbane Oxley, and Sarbanes Oaxley, to name but a few!

Sarbanes-Oxley Act Forum: Forums

The Sarbanes Oxley Act :: View topic - Securing Mac Workstations
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Login to check your private messagesLogin to check your private messages   LoginLogin 

Securing Mac Workstations

 
Post new topic   Reply to topic    The Sarbanes Oxley Act Forum Index -> Sarbanes-Oxley: IT Issues
View previous topic :: View next topic  
Author Message
JLewis
Soxer
Soxer


Joined: Jun 17, 2008
Posts: 37
Location: Vancouver

PostPosted: Fri Jul 11, 2008 5:29 pm    Post subject: Securing Mac Workstations Reply with quote

Ok, this has come up out of left field but is surely going to cause some issues with compliancy, atleast in the domain of network and desktop security, but how in the world can you secure Mac workstations along side a PC environment? Any help would be awesome as i really do not know much about mac security.

Please, any help would be greatly appreciated.
JL
Back to top
View users profile
Denis
SoxGuru
SoxGuru


Joined: Nov 25, 2004
Posts: 790
Location: London, UK

PostPosted: Mon Jul 14, 2008 5:16 am    Post subject: Reply with quote

Presumably you are talking about Macs sitting on the same network as PCs, in which case the Network OS security issues are not significantly different.

In terms of sceuring the Mac desktop there are a few issues you need to be aware of, a couple of resources you might try would be:
- auditnet.org (this site will include some work progammes)
- cert.org
- sans.org

theres is also an interesting article here:

computerworld.com/hardwaretopics/hardware/story/0,10801,104985,00.html
_________________
"The art of life is to deal with problems as they arise, rather than destroy one's spirit by worrying about them too far in advance" - Cicero
Back to top
View users profile
harrywaldron
SoxGuru
SoxGuru


Joined: Jan 12, 2006
Posts: 849
Location: Roanoke, Virginia

PostPosted: Mon Jul 14, 2008 8:03 am    Post subject: Reply with quote

Security is more of a "process" rather than being specifically hardware or software related. In other words, you should take the same precautionary protective measure for Apple workstations, just like Windows client PCs.

For the most part, Apple Mac computers have enjoyed a fairly good track record when it comes to security. There are a fewer in-the-wild threats and the Apple OS X operating system has a Linux-kernel based design, that is fairly secure.

Still, security is only as strong as it's weakest link. Thus you want a strong chainlinked fence to keep the fox out of the chicken coop.

Recommendations:

1. Keep all operating system, browser, and software products as up-to-date as possible on security patches.

2. Anti-virus software (anti-spyware might be beneficial also)

3. Firewall protection is always a must

4. Authentication to networks (with strong password settings, rotations, and other best practices)

5. Security policies that include the Mac environment (e.g., discouraging too much personal use, installation of non-business software, etc)

6. Use of Firefox 3 might be beneficial to look at as a complementary browser to Safari (which has suffered some recent security issues)

7. Tracking of Apple security exposures and risks as they develop (e.g., monitor Secunia, Internet Storm Center, Apple's security bulletins, FRSIRT, etc)

As noted, this list is fairly similar to keeping Windows client PCs secure. These links might help (please paste to browser):

Code:
http://www.google.com/search?hl=en&q=corporate+macintosh+security+best+practices
https://security.berkeley.edu/mac.html
http://www.networkworld.com/news/2007/022707-mac-os-going-corporate.html
Back to top
View users profile Visit posters website


Display posts from previous:   
Post new topic   Reply to topic    The Sarbanes Oxley Act Forum Index -> Sarbanes-Oxley: IT Issues All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Forums ©

 
Trademarks referenced on the SOX Act Forum are property of their respective owners. Comments are property of their respective posters.
Sarbanes-Oxley Act Implementation Portal: Sarbanes Oxley compliance, information, software, & internal audit committee resources. Sarbox.
Site source is copyright nuke (c)2003, and is Free Software under the GNU / GPL licence agreement. All Rights Are Reserved.