CONTACTINFORMATIONNIEUWSSEARCHENGLISH
HomeTechnology
CERT-in-a-Box

The project 'CERT-in-a-Box' and 'Alerting service-in-a-Box' is an initiative of GOVCERT.NL to preserve the lessons learned from setting up GOVCERT.NL and 'De Waarschuwingsdienst', the Dutch national Alerting service.

contactinformation

Visiting address:
Wilhelmina van Pruisenweg 104
2595 AN Den Haag
Travel information

Postal address:
Postbus 84011
2508 AD Den Haag

Telephone: (070) 888 75 55
Fax: (070) 888 75 50
E-mail: info@govcert.nl
participant to:

'CERT-in-a-Box' and 'Alerting service-in-a-Box'
21 / 07 / 2006

Tips for technology

  • Seek cooperation with the General Intelligence and Security Service or another trusted partner, let them review your security policy, network design and physical architecture.

  • Implement all the steps required for your privacy policy. See Legal chapter. Ensure that you know what information will be stored on what system and under what conditions. For example, look at your backup tapes - which of them should you encrypt because there is private or sensitive information on them and do you want to store them off-site?

  • Apply a multi layered security strategy (belt-and-braces) in your network topology.

  • Do not allow direct network connections from internal to external and vice versa. Do not trust the internet and external computers, do not allow them on your network!

  • Use different coloured LAN cables (green for production, red for test network), it makes it orderly and you can quickly check that production is still separated from the test environment.

  • Use a separate test network. And don't mix them up! It can and will go wrong.

  • Use disk encryption for your laptops

  • Install PGP and/or PKI on laptops for signed and trusted e-mail

  • Protect yourself against all odds, rethink what could happen and implement it. If you are not sure implement the safest solution and don't be complacent.

  • Implement fail-safes. If things go wrong and you have to move to a backup location what do you need to stay in business? Backup tapes ready for use and implementation procedures ready and tested.

  • Test your backup tapes every six months with a full restore and check all the documentation associated with that topic.




Index
References