[DG: Spanish Sakai] Fwd: secure sakai?

Diego del Blanco Orobitg diego.delblanco.sakai at gmail.com
Wed May 14 05:19:06 PDT 2014 

Para los que no estáis en la lista en inglés...obviamente está en inglés...
Pero creo que es de gran utilidad para los que queráis agregar seguridad a
Sakai.

Saludos
---------- Mensaje reenviado ----------
De: "Sam Ottenhoff" <ottenhoff at longsight.com>
Fecha: 13/05/2014 12:50
Asunto: Re: [Building Sakai] secure sakai?
Para: "Charles Hedrick" <hedrick at rutgers.edu>
Cc: "sakai dev" <sakai-dev at collab.sakaiproject.org>

* Disable guest access
* Disable .auth and .anon special roles
* Implement two-factor auth using Duo or Authy
* Lockdown DAV access because it can't do 2-factor
* Remove all webservices access
* Remove all unused tools (e.g., OSP)
* Setup some live auditing of Sakai events
* Prevent IP blocks except from your approved regions from accessing the
server
* Use HTTP headers like HSTS (
http://ibuildings.nl/blog/2013/03/4-http-security-headers-you-should-always-be-using
)
* Connect to a user directory provider that implements user management
(expire accounts because of inactivity, strong passwords, etc)


On Tue, May 13, 2014 at 11:05 AM, Charles Hedrick <hedrick at rutgers.edu>wrote:

> Does anyone have experience running an instance of Sakai where users are
> allowed to store sensitive information? Any suggestions for what to do
> differently?
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"
>


_______________________________________________
sakai-dev mailing list
sakai-dev at collab.sakaiproject.org
http://collab.sakaiproject.org/mailman/listinfo/sakai-dev

TO UNSUBSCRIBE: send email to
sakai-dev-unsubscribe at collab.sakaiproject.orgwith a subject of
"unsubscribe"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/spanish-sakai/attachments/20140514/570e1716/attachment.html

More information about the spanish-sakai mailing list