Consider the following list of guidelines when you develop a security policy for your site.
Assign the maximum label of a system that is configured with Trusted Extensions to not be greater than the maximum security level of work being done at the site.
Manually record system reboots, power failures, and shutdowns in a site log.
Document file system damage, and analyze all affected files for potential security policy violations.
Restrict operating manuals and administrator documentation to individuals with a valid need for access to that information.
Report and document unusual or unexpected behavior of any Trusted Extensions software, and determine the cause.
If possible, assign at least two individuals to administer systems that are configured with Trusted Extensions. Assign one person the security administrator authorization for security-related decisions. Assign the other person the system administrator authorization for system management tasks.
Establish a regular backup routine.
Assign authorizations only to users who need them and who can be trusted to use them properly.
Assign privileges to programs only they need the privileges to do their work, and only when the programs have been scrutinized and proven to be trustworthy in their use of privilege. Review the privileges on existing Trusted Extensions programs as a guide to setting privileges on new programs.
Review and analyze audit information regularly. Investigate any irregular events to determine the cause of the event.
Minimize the number of administration IDs.
Minimize the number of setuid and setgid programs. Such programs must be employed only in protected subsystems.
Ensure that an administrator regularly verifies that regular users have a valid login shell.
Ensure that an administrator must regularly verifies that regular users have valid user ID values and not system administration ID values.