| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Government
|
|
Home Office
|
|
Small Business
|
|
A Certification and Accreditation Plan for Information Systems Security Programs In order to ensure the confidentiality, integrity and availability of corporate information systems, each organization must implement a comprehensive Information Systems Security Program (ISSP). Determining the effectiveness of the ISSP requires evaluating each module individually, as well as its relationship to other components. Unilateral analysis, while often necessary due to time and resource constraints, results in a fragmented snapshot of the defenses of the enterprise.
By Brenda Dinges, 04/23/2004
|
|
Security - What is Enough? This paper will look at the various layers of security businesses have on offer to them today, which will aid the security policy and look at why they should deploy them. Taking a step back, it is important to know what dangers and risks the business is facing, who is the enemy and determine what they want before setting up and running a security policy.
By Victoria England, 04/23/2004
|
|
How To Secure Your Small To Medium Size Microsoft Based Network: A Generic Case Study In this paper I intend to explain the basic process of securing a small to medium sized network. I will create a make believe company network and give some examples of how to secure the network with some commonly used products and techniques in a case study format. I will use references to freely available information on the Internet to help me secure this network. The examples are based on Microsoft and Cisco platforms because they are the most commonly used platforms and they are the ones I am most familiar.
By Jerry Goodman, 04/23/2004
|
|
Outline for a Successful Security Program This paper is meant to give the reader an outline and high level view of security topics to examine when creating a network security program. This paper is broken into fifteen sections related to security. It has been my experience that most security programs will have to give some attention to each of these sections in order to be successful. Some of the topics I will discuss include: security policies, firewalls, intrusion detection systems, documentation and disaster recovery.
By Jeff Norem, 04/23/2004
|
|
Secure This: Organizational Buy-in (A communications approach) This paper will discuss the importance of buy-in and will recommend methods for soliciting and securing buy-in using a communications theory perspective. It is not the intention of the author to explore the topic in depth; rather, the purpose is simply to offer ideas which merit further exploration and discussion.
By Wendy E. Ady, 04/20/2004
|
|
Modeling the Silicon Curtain This paper will present the available range of modeling and simulation capabilities in Information Assurance. It will also establish some principles for extending these capabilities into the community. It will do this by establishing a case for utilizing more simulation in our discipline, reviewing past modeling & simulation efforts within Information security, reviewing the traditional types of modeling and simulation methodologies, addressing capability and experiences in computer modeling within other areas such as telecomm and economics, and providing a framework for future computer based modeling and simulation efforts in Information security.
By John H. Saunders, 04/20/2004
|
|
Security Concerns in Using Open Source Software for Enterprise Requirements This paper highlights the security concerns of the end users in considering open source software for their enterprise requirements. This paper also highlights the risks pertaining to open source software and recommends certain guidelines following which these risks can be mitigated. These guidelines would help an end user to thoroughly evaluate open source software before they are considered for mission-critical functions.
By Sreenivasa Rao Vadalasetty, 04/20/2004
|
|
Distributed Computing: An Unstoppable Brute Force Distributed computing allows groups to accomplish work that was not feasible before with supercomputers, due to cost or time constraints. Although the primary functions of distributed computing systems is to produce needed processing power to complete complex computations, distributed computing also reaches outside of the processing arena to other areas such as network usage. When used properly, both areas compliment each other and can produce needed results.
By Michael Hill, 04/20/2004
|
|
Big Brother at the Office: Friend or Foe? There are many aspects of employee monitoring that must be taken into account before determining if it is right for your organization. This paper outlines most of the issues and attempts to present an objective presentation of the information from both the employee and employer's perspectives. You will have to evaluate all of the available resources, weigh the benefits versus the disadvantages of monitoring and determine if it is right for your organization. While monitoring is often times directed or led by the human resources departments of many organizations, network and security administrators generally carry out the orders. Security professionals can gain from monitoring by some of the possible benefits including: prevention of data theft and the reduction in the risk associated with employees visiting "hacker", "warez" and other questionable content websites.
By Clint M. Satterwhite, 04/15/2004
|
|
Building an Information Assurance Framework for a Small Defense Agency As information security continues to capture headlines in our daily lives, it is imperative that businesses have an Information Assurance Framework - a solid plan of action with the required tools, trained personnel, and tested procedures - that is capable of protecting valuable information assets. However, many organizations with low risk data have not focused on information security and have not put adequate life-cycle controls in place to ensure continuous protection. That is the case at our small defense agency. This paper attempts to glean best practices from many sources to define the steps we must to take to implement and manage an Information Assurance Framework.
By Janet Haase, 04/14/2004
|
|
Page: 12 3 45678910 |
