| Javascript Feeds RSS Feed Security Dashboard | SearchSecurity.com |
|
Securing a Small Community College-A Case Study This practicum identifies critical computing resources used in a small community college, develops a method of defining risk, presents a network design, as well as, implements security policies to address risks, and formulates a long term strategy for securing vital campus resources. The challenges of securing a community college are formidable. Resources are often limited, the use of computers and software applications vary greatly from department to department, the atmosphere of academic freedom permeates all decisions, exploring and experimenting students can reek havoc on campus networks, and the inherent mission of disseminating information, and providing computer access to a wide variety of users are just a few of the challenges.
04/03/2004
|
|
Remote Access using Telstra Dial IP This paper will demonstrate how the real-world security problem of remote access to an Enterprise network was addressed and validated (post-implementation) through the Internet Security Alliance's (ISA) Common Sense Guide for Senior Managers. The ten practices in the guide will be referred against, to illustrate the security environment that existed prior to the project, the criteria by which remote access solutions were assessed (and why the adopted system chosen) and the security improvements the solution has provided. In addition, the author will discuss how the actual implementation was conducted and key issues encountered during it. As a new member reporting to the Enterprise?s CIO, the author was made responsible for implementing ?a remote access solution that would satisfy the needs of the business?. As the project manager I worked with system administrators and telecommunication technicians.
04/03/2004
|
|
Securing a University Environment; An Evolutionary Case Study Like many small private universities the one for which I work was for many years an open environment as far as network security was concerned. We quickly learned however, that the risks were too great. This case study outlines the steps that my university took to transition from an open network to one that balances the needs of faculty doing teaching and research, students needing to learn as well as be entertained and staff that require a secure and stable network environment to perform their business functions. Through focusing on the way one institution approached this problem I will provide some general methods that other similar institutions may use to aid in their transition. I will also discuss how our methodology drew on the principles that form the foundation of a good network security model. Lastly, I will look ahead and discuss some of the challenges that still face university network security.
04/03/2004
|
|
University Security Our Universities are under attack, networks comprised of heterogeneous hosts with fast Internet connections make universities desirable targets to a wide variety of attackers. Members of university communities are often not concerned with security because they assume that hackers attack systems to obtain confidential information. These academics have not realized that many attacks are instead quests for disk space or processor time and that the information stored on a server is sometimes irrelevant to the attacker. The resulting lack of system security at universities has allowed attackers to quickly make universities the preferred staging areas for distributed denial of service attacks. Decentralized structure and large size make many university networks difficult, but not impossible, to secure. By using a combination of security tools and procedures universities can provide a more secure computing environment than has generally been available.
03/28/2004
|
|
Case Study for Understanding the 30,000 Foot View Before Diving In This case study addresses the front-end soft topics of information security, which may not be so easily learned. The analysis of the business, the security problems encountered, how they affect the business, and their resolution will be covered. To retain some brevity for this paper, the typical technical procedures will be bypassed, as there are many other good sources for these topics. The goal of this paper will be to provide some insight to help the reader become a bit more business-savvy, where gearing solutions to the needs of the organization will help raise acceptance rates.
03/28/2004
|
|
Case Study: Transforming a Traditional Windows Client/Server Application Our software firm's financial application was developed on a traditional clientserver model. Individual user workstations run the application (on the Microsoft Windows Operating System) on a local area network against shared file, print, and database servers. Our customer required that remote users from five locations across the country access the application over remote connectivity. They needed to provide an Application Service Provider (ASP) service with these sites accessing the application on central common hardware. It was critical that the individual locations remain logically independent of each other.
03/28/2004
|
|
Securing the Gold through Better Network Design: A Case Study I work for a small, privately owned company that specializes in marketing and servicing office equipment. I was hired to introduce new technologies to the sales force in order to enhance the solutions-based selling approach. I was also given the responsibility of assessing, designing and implementing a network design that would allow us to offer more services to the customer base and to the field service personnel. Management wanted to deploy a web-based service for the customers to enable them to access their account information and the company was in need of a network overhaul. Upon initial evaluation, I found no firewall protection for the network. The domain controller and mail server were exposed to the Internet and therefore vulnerable and the company’s database management system was not well secured. I felt that setting up the additional services in the existing infrastructure was not wise and presented my assessment to management.
03/28/2004
|
|
Case Study in Automating Branches of a Bank This case study will highlight points that were addressed while automating 85 locations for a bank. These branches had three separate networks, one for each: Automated Teller Machines, IBM developed Systems Network Architecture (SNA) mainframe applications, and a PC based network at eight locations to operate a mortgage application. All three of these networks had outdated technology and were to be combined into one network for increased redundancy, improved security measures and reduced cost. Although we addressed many aspects to complete this project, this document will focus on two specific areas that posed significant security challenges: wireless security and access control/password management.
03/28/2004
|
|
Securing Sensitive Data in a Research Environment Dissemination of research data can present challenges for the project staff charged with securing the sensitive data, especially on machines over which they have no administrative control. This case study defines a major risk - deductive disclosure - associated with longitudinal research data and gives an overview of the defense-in-depth security plans I developed to help one research project protect the data they disseminated to researchers around the country who are storing and analyzing the data on a number of different computer systems. I also developed for this research project some “fill in the blank” forms mirroring the security plans to assist researchers who are applying to use the data. These security plans are now being implemented in research environments nationwide. I reevaluate these security plans and forms periodically to ensure current best practices are maintained.
03/26/2004
|
|
Secure Computing - An Elementary Issue This paper was developed as a resource for elementary school technical support personnel responsible for maintaining a safe and secure computing environment. It is meant to provide a context for, and overview of, security issues in elementary school computing. A case is made for developing security policies to protect equipment and data which expand the scope of the familiar Acceptable Use Policy. Common threats to secure computing are identified and steps for mitigation are discussed.
03/26/2004
|
|
Page: 1 2 3 |
