secau Security Research Centre, Edith Cowan University, Perth, Western Australia
The more routine a task is we see the greater the need for a checklist. Even the smartest of us can forget where we parked our cars on returning from a long flight. So, the question is, why not create a straightforward checklist that will improve system management and security? In Information Technology operations, the vast majority of skilled people have re-built servers, but in an incident response situation, it can be unforgivable to overlook a serious security configuration simply because in the stress of the environment causes one to lose track of which stage they were on while being interrupted and multitasking. We show that the use of standard checklists and flowcharts created by the individual make for better results even in daily tasks. This paper presents the results of an experiment into the use of checklists by incident responders. It demonstrates how basic checklists can improve an organisation’s security.