| More Principles |
|
|
|
|
|
|
|
|
|
|
| • | Think
about Assets, Threats and |
||||||||
| Vulnerabilities
FIRST |
|||||||||
| • | Find
an appropriate (and minimally |
||||||||
| complex)
Policy Model |
|||||||||
| • | Match
your OS capabilities to the policy |
||||||||
| model
as best you can |
|||||||||
| • | Train
staff to recognize social engineering! |
||||||||
| • | Train
staff to make a habit out of the policy! |
||||||||
