HP OpenVMS Guide to System Security > Part III  Security for the System Administrator

Chapter 10 System Security Breaches

  Table of Contents



Along with developing a security policy and selecting appropriate security measures to implement that policy, a site needs to establish and test procedures for handling system, site, or network compromises. The procedure should address two areas:

  • Appropriate responses once a breach is suspected or confirmed. Site guidelines should help determine whether to increase site security (eliminating all possibility of further compromise), put proactive measures in place to apprehend the offender, or collect evidence to initiate a criminal or civil suit. Each decision has its own set of rules and guidelines.

  • Appropriate contacts and resources outside of the site that may be needed should such an event occur. For example, a company might want to become familiar with local, state, and federal authorities (as applicable), local phone carriers (security division), and the HP support groups.[4]

This chapter describes how to recognize when an attack on the system is in progress or has taken place and what countermeasures can be taken.

[4] HP support groups include the Software Security Response Team (SSRT) in the United States and the European Security Program Office (ESPO).