“Are your servers as secure as Fort Knox or as open as a
revolving door? The newly formed Center for Internet Security hopes
to answer that question by creating a suite of tests that would
give computer owners a rating–on a scale of 1 to 10–of how good
their security is. A level-10 server could protect an
e-commerce company’s virtual gold, while a level-1 server would be
an online vandal’s playground.”
“Our members are just saying that they would like to see global
benchmarks,” said Alan Paller, director of research for the Systems
Administration Networking and Security (SANS) Institute and a
founding member of the 71-member center. “The banks want these
types of benchmarks. The government wants these types of
benchmarks. The center’s work is a guide that people will use.”
“The center’s members are working together to create a
rating system for Solaris, Linux and Windows 2000, Paller
said. The guidelines could be completed as early as March
2001.”