An introduction to security on Drupal, covering some testing tools, common problems and solutions.
We also introduce the concept of a response team and best practices to get you started.
Social Engineering
Meet Kevin Mitnick, Master of Social Engineering. http://mitnicksecurity.com/
It seems to be a universal truth that most people don't believe Social Engineering (gaining information by deceit) could be so easy. "No one could be that stupid" is a common phrase heard from people who first learn how these types of attacks work. However, once demonstrated (especially with some personal information of theirs) they become hard and fast believers. Just seeing it in action brings home the reality that information can leak through most any worker and that one must always be on guard.
What is a tiger team?
A tiger team is a group of experts assigned to investigate and/or solve technical or systemic problems. The term may have originated in aerospace design but is also used in other settings, including information technology and emergency management. According to a 1964 definition, "In case the term 'tiger team' is unfamiliar to you, it has been described as 'a team of undomesticated and uninhibited technical specialists, selected for their experience, energy, and imagination, and assigned to track down relentlessly every possible source of failure in a spacecraft subsystem.'" The term is used by Rockwell Collins for a roaming installation team. It is believed that they came up with the term "Tiger Team". (Source: Wikipedia.)
As part of the tiger team:
- Identify contact points for out of hours.
- Set up a mailing list for all team members.
- Provide all contact numbers for external resources to the team.
- Provide access to the communications plan and any associated documents.
- Identify a chain of command, escalating issues down the chain.
- Schedule daily response meetings during the investigation.
- Establish a communication plan for the team to keep all stakeholders informed.
- Have a web page on your intranet.
- Flag emails with an incident response code, so they can be collated by legal.
- Set up a communication plan for employees so they know how to respond if contacted by the press.
- Manage disclosure between employees and the public.
- Team members will keep their own departments apprised of the status of the investigation.
- Appoint a team leader, dedicated to the task.
Corporate Communication Plan
- Different levels according to scope of the breach.
- Internal staff: how to respond to requests for information from reporters, bloggers etc.
- Prepared press statement.
- Single point of contact, usually your corporate communications manager.
- Consult with authorities before communicating anything to the public.

How prepared is your information technology (IT) department or administrator to handle security incidents? Many organizations learn how to respond to security incidents only after suffering attacks. By this time, incidents often become much more costly than needed. Proper incident response should be an integral part of your overall security policy and risk mitigation strategy.
Shutting down the server can execute code that cleans up evidence; powering down is much safer and preserves evidence.