I believe, if the fruit is small enough, you could sneak some of this in through the cracks. Bull it through via sheer determination. But I understand what you mean.... The more official it is, the more visible it is, the more difficult it is.... The same for any bureaucracy, but a quantum leap here. -- patrick darden -----Original Message----- From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of Jim Popovitch Sent: Friday, June 19, 2015 9:12 AM To: nanog@nanog.org Subject: [EXTERNAL]Re: OPM Data Breach - Whitehouse Petition - Help Wanted On Fri, Jun 19, 2015 at 9:55 AM, Darden, Patrick <Patrick.Darden@p66.com> wrote:
Good point. It's a massive job, and sometimes it is best to look at those piecemeal. Start with small goals, and pick low hanging fruit--your example of the server room is good. Set it up with and IDS, a firewall, harden the hosts by turning off/removing unused/unneeded services, setting up tripwire, and encrypt all data on the drives, then look to password policy enforcement. Then start actively securing it (monthly audits, daily log checks, etc.). Doable. Then pick the next lowest hanging fruit and repeat.
You left out: Formulate Bid Solicitation team Procure funding for Bid Solicitation team Request Congressional approval for Bid Solicitation team Request funding for team to win Congressional approval of Bid Solicitation team Receive first round funding for team to win Congressional approval..... Director retires, project status in limbo New round of higher funding sought Congressional recess, projects in limbo Bid process begins, 3 of 4 are non-GSA and require further funding for new approval process After 2 years of paperwork, initial funding for 2 year old IDS v1.1 (that's what was approved!) is approved. repeat, ad nauseam -Jim P.