WHAT'S UP WITH THE HIPAA RETENTION SCHEDULES?

For much of my professional career I have been what I like to call “health care adjacent”. Meaning, my department has HIPAA responsibilities but I personally was only partially involved in them. I was around for conversations around protecting PHI, e- or otherwise, and sometimes called in as a technical resource for addressing specific controls but I was never in a situation where I really needed to know shit about the standard. One truism that everyone involved clearly knew was that records retention was a nightmare. We had a hard requirement of a 7-year minimum for anything related to patient data, whether the patient’s electronic chart or firewall logs for the network segment that housed HIPAA covered servers.

7/19/2014 securityhipaapolicy

USING OFFICE 365 AS A SMART HOST WITH POSTFIX

Since writing this post I’ve learned a better way. If you’re using a personal account or only need to relay 1 server the below may be sufficient. If you’re managing more than one server and can manage your Office365 domain please see my updated post Better Use of Office 365 as a Smart Host with Postfix.

7/11/2014 sysadmintools

SSL CHAIN CERT FUN WITH NESSUS

Pulling back from the archives this is a repost of a previous blog post. This time ripped from a guest spot at The Security Stack Exchange Community Blog.

7/4/2014 nessussecurityconfiguration

MY NOT SO FANCY .SCREENRC

Some number of days ago my dear Wesley put out the call absolutely begging for our Best .screenrc Files. While mine is very simple it hits all my special points. First the config, then the explanation.

6/24/2014 sysadminscreenconfiguration

MISADVENTURES WITH TCPDUMP FILTERS

Pulling back from the archives this is a repost of a previous blog post. This time ripped from a guest spot at The Security Stack Exchange Community Blog.

6/20/2014 networksecuritymonitoring

BASE RULESETS IN IPTABLES

Pulling back from the archives this is a repost of a previous blog post. This time ripped from a guest spot at The Security Stack Exchange Community Blog.

6/6/2014 standardshardeningsecurity

FIGHTING NFS MOUNTS AT BOOT TIME

Pulling back from the archives this is a repost of a previous blog post. This time ripped from a guest spot at The Nubby Admin, a fantastic blog from a fellow tech nerd.

5/30/2014 nfssysadminannoyances

WHY IS CHANGE MANAGEMENT HARD?

No matter how much we hope otherwise the foundation of any security program are consistent and used procedures. This means figuring out what we need to be doing, sketching out how we think we should be doing it, finding out we were totally wrong and misguided thinking we could do it that way, then editing it into something that actually works.

5/22/2014 policysecuritychange

A BRIEF INTRODUCTION TO AUDITD

Pulling back from the archives this is a repost of a previous blog post. This time ripped from a guest spot at The Security Stack Exchange Community Blog.

5/16/2014 auditdhardeningsecurity

CUSTOM PARTITIONING USING PRESEED

Simplistic Beginnings Whether using a preseed or a manual install the default partitioning setup is to use what Debian calls “atomic”. When using atomic the installer creates two partitions

5/9/2014 cobblersysadminpreseed