Yesterday, we held our termly Information Security Special Interest Group (SIG). Among the many topics discussed, we presented a series of updates, clarifications and suggestions to make it easier for you to complete this year's baseline security assessment. This included:
- How to determine which 3rd parties require information security due diligence
- Avoiding common misunderstandings on some high-level and technical controls
- A template you can use to record changes to your technical infrastructure
- A way of keeping tabs on who has permission to access the different parts of your Windows file shares
- A list of which data you should record when dealing with incidents
- A quick reference guide to a number of ready to use resources available from our SharePoint site
To find out more, check out the slides available at https://sharepoint.nexus.ox.ac.uk/sites/itservices/security/ISSIG/Trinit... and download a copy of the changelog template from https://sharepoint.nexus.ox.ac.uk/sites/itservices/security/Public/Confi...
