parsec_patches
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
parsec_patches [2018/11/28 15:25] – sgriggs | parsec_patches [2018/11/28 15:28] – sgriggs | ||
---|---|---|---|
Line 338: | Line 338: | ||
Technical safeguards are the IT stuff you and I care about. The text of | Technical safeguards are the IT stuff you and I care about. The text of | ||
- | HIPPA doesn' | + | HIPPA doesn' |
but it does say what those solutions have to be capable of from a security | but it does say what those solutions have to be capable of from a security | ||
standpoint. | standpoint. | ||
- | .HIPPA IT Requirements in the Security Rule | + | **HIPPA IT Requirements in the Security Rule** |
- Open networks need to be encrypted. Closed networks are okay for cleartext. | - Open networks need to be encrypted. Closed networks are okay for cleartext. | ||
- Data integrity for PHI must be insured. Think checksumming. | - Data integrity for PHI must be insured. Think checksumming. | ||
Line 363: | Line 363: | ||
SOX is extremely vague and this creates headaches. The law to read is, US Title | SOX is extremely vague and this creates headaches. The law to read is, US Title | ||
- | 15, Chapter 98, Subchapter IV (ugh, I feel like a laywer). https:// | + | 15, Chapter 98, Subchapter IV (ugh, I feel like a laywer). |
- | has a section called https:// | + | has a section called |
is the part you want to read concerning IT rules. Unfortunately, | is the part you want to read concerning IT rules. Unfortunately, | ||
requirements are much more vague. However, again, I will provide a summary. | requirements are much more vague. However, again, I will provide a summary. | ||
- | .Sarbanes-Oxley IT 404 Requirements | + | **Sarbanes-Oxley IT 404 Requirements** |
- " | - " | ||
- The assessment must be done yearly and it must be reported to the SEC | - The assessment must be done yearly and it must be reported to the SEC | ||
It's a painful read and I'd recommend checking out the | It's a painful read and I'd recommend checking out the | ||
- | https:// | + | [[https:// |
SOX. Do they require patches? | SOX. Do they require patches? | ||
system could not be considered a secure source of financial information. | system could not be considered a secure source of financial information. | ||
Line 394: | Line 394: | ||
same basic spirit. You can't do anything that might put folks credit card | same basic spirit. You can't do anything that might put folks credit card | ||
info at risk. That includes not only their numbers, but also their | info at risk. That includes not only their numbers, but also their | ||
- | transaction history. Start with the https:// | + | transaction history. Start with the [[https:// |
and you can dig more into specific questions for different levels of PCI. | and you can dig more into specific questions for different levels of PCI. | ||
Line 428: | Line 428: | ||
installable shell archive: very handy. | installable shell archive: very handy. | ||
- | .Upgrading Secure Shell on Tru64 | + | **Upgrading Secure Shell on Tru64** |
---- | ---- | ||
$ sudo ./ | $ sudo ./ | ||
Line 495: | Line 495: | ||
don't update until something forces them to. | don't update until something forces them to. | ||
- | .Upgrading Sendmail | + | **Upgrading Sendmail** |
---- | ---- | ||
$ cd epm/ | $ cd epm/ |
parsec_patches.txt · Last modified: 2019/07/11 04:58 by sgriggs