parsec_patches
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
| parsec_patches [2018/11/28 15:25] – sgriggs | parsec_patches [2018/11/28 15:28] – sgriggs | ||
|---|---|---|---|
| Line 338: | Line 338: | ||
| Technical safeguards are the IT stuff you and I care about. The text of | Technical safeguards are the IT stuff you and I care about. The text of | ||
| - | HIPPA doesn' | + | HIPPA doesn' |
| but it does say what those solutions have to be capable of from a security | but it does say what those solutions have to be capable of from a security | ||
| standpoint. | standpoint. | ||
| - | .HIPPA IT Requirements in the Security Rule | + | **HIPPA IT Requirements in the Security Rule** |
| - Open networks need to be encrypted. Closed networks are okay for cleartext. | - Open networks need to be encrypted. Closed networks are okay for cleartext. | ||
| - Data integrity for PHI must be insured. Think checksumming. | - Data integrity for PHI must be insured. Think checksumming. | ||
| Line 363: | Line 363: | ||
| SOX is extremely vague and this creates headaches. The law to read is, US Title | SOX is extremely vague and this creates headaches. The law to read is, US Title | ||
| - | 15, Chapter 98, Subchapter IV (ugh, I feel like a laywer). https:// | + | 15, Chapter 98, Subchapter IV (ugh, I feel like a laywer). |
| - | has a section called https:// | + | has a section called |
| is the part you want to read concerning IT rules. Unfortunately, | is the part you want to read concerning IT rules. Unfortunately, | ||
| requirements are much more vague. However, again, I will provide a summary. | requirements are much more vague. However, again, I will provide a summary. | ||
| - | .Sarbanes-Oxley IT 404 Requirements | + | **Sarbanes-Oxley IT 404 Requirements** |
| - " | - " | ||
| - The assessment must be done yearly and it must be reported to the SEC | - The assessment must be done yearly and it must be reported to the SEC | ||
| It's a painful read and I'd recommend checking out the | It's a painful read and I'd recommend checking out the | ||
| - | https:// | + | [[https:// |
| SOX. Do they require patches? | SOX. Do they require patches? | ||
| system could not be considered a secure source of financial information. | system could not be considered a secure source of financial information. | ||
| Line 394: | Line 394: | ||
| same basic spirit. You can't do anything that might put folks credit card | same basic spirit. You can't do anything that might put folks credit card | ||
| info at risk. That includes not only their numbers, but also their | info at risk. That includes not only their numbers, but also their | ||
| - | transaction history. Start with the https:// | + | transaction history. Start with the [[https:// |
| and you can dig more into specific questions for different levels of PCI. | and you can dig more into specific questions for different levels of PCI. | ||
| Line 428: | Line 428: | ||
| installable shell archive: very handy. | installable shell archive: very handy. | ||
| - | .Upgrading Secure Shell on Tru64 | + | **Upgrading Secure Shell on Tru64** |
| ---- | ---- | ||
| $ sudo ./ | $ sudo ./ | ||
| Line 495: | Line 495: | ||
| don't update until something forces them to. | don't update until something forces them to. | ||
| - | .Upgrading Sendmail | + | **Upgrading Sendmail** |
| ---- | ---- | ||
| $ cd epm/ | $ cd epm/ | ||
parsec_patches.txt · Last modified: 2019/07/11 04:58 by sgriggs