Honeynet Incident Management Policy

889 Words4 Pages

1. Purpose
Incident Management Policy purpose is to ensure that any incident that affect the operation of the Honeynet company is responded to and handled in proper way. This policy provides the framework for the implementation of best practices for Incident Management. Additionally, the objective of Incident Management Policy is to describe restoration of the normal operations of the Honeynet company.
2. Scope
This Incident Management Policy applies to all data, IT resources, and assets created, managed, leased, stored, used or owned by the Honeynet company. Additionally, this policy applies to all employees, partners and contractors of Honeynet company.
3. Policy
The Honeynet Incident Management policy is divided into three sections:
• Incident …show more content…

IM-2 Incident Definition
• Event or series of events that results in violation or imminent threat of computer security policies that affects company’s normal operation, for example attacker causes server to crash, attacker obtaining sensitive data
IM-3 Incident Detection
• Upon detection of incident please contact immediately Incident Response Team
• Incident should be reported to management, Incident Response Team and/or legal team if necessary
• The Incident Response Team decides upon Incident Response and further actions
IM-4 Law Considerations
• Incident Response Team is responsible for investigation if the incident has legal implications
• Upon detection of security breach or other law compliance failure by Incident Response Team senior management is responsible for contacting authorities
• It is forbitten to talk with media or post on social network about incident
• Only authorized parties have permission to release any incident information to the media
Disaster Recovery
DR-1 Disaster Recovery Procedures
• The Honeynet company must provide proper Disaster Recovery policies, procedure, and guidelines
DR-2 IT Contingency Planning
• Management is responsible to outline the proper policies, procedures, and guidelines that are related to major IT incident or incident that directly affects IT …show more content…

DR-4 Data Backups
• The Honeynet management is responsible for proper data backup policy, procedure, and guidelines
• Please refer to Data Backup policy
DR-5 Succession Planning
• In the event of key management personnel death, accident, or other immediate loss of ability to perform the job duties please refer to succession chart in order to determine succession
• The succession chart is available for revision by authorized parties in HR office
Incident Response
IR-1 Incident Response Procedures
• The Honeynet company must provide proper Incident Response policies, procedure, and guidelines
• Incident Response Team is responsible for proper Incident preparation
• Incident Response Team is responsible for proper Incident Response execution
• Incident Response Team is responsible for proper Incident Response analysis and investigation
• After the discovery of the incident Incident Response Team is responsible for recognizing and declaring the event
• Incident Response Team is responsible for preserving any evidence and contain the damage resulted from incident
• Incident Response Team is responsible for proper documentation of the incident
IR-2 Computer Crime Investigation and

More about Honeynet Incident Management Policy