An Introduction to TEMPEST
For many years, TEMPEST was shrouded in secrecy. Government documents concerned with this were classified, which obviously gave rise to many speculative theories.
Read the Article
|
Building the Ideal Web Hosting Facility: A Physical Security Perspective
The purpose of this paper is to provide a comprehensive look at Physical Security by means of building an ideal web hosting facility. By viewing this design and construction process from a Physical Security perspective, we will identify and describe the measures needed to make our facility fully secure. Along with this we should, as an end product, have a comprehensive Physical Security Primer that can be used in many types of facilities and circumstances.
Read the Article
|
Consolidating and Securing Enterprise Storage
In this paper, I will discuss how I plan on consolidating our enterprise storage using Sun's StorEdge 6960 SAN solution. I will start by defining what a SAN is and why has it become an essential part of a growing enterprise. I will briefly mention our current T3 SAN setup and its limitations. I will discuss the setup and configuration of SUN StorEdge 6960, the security features offered by SAN products in general and StorEdge 6960 in particular. I will describe how I plan on complementing these security features with other enterprise wide security measures already in place to achieve "defense in depth".
Read the Article
|
Convergence of Logical and Physical Security
This paper will demonstrate that the convergence of logical and physical security brings significant benefits, specifically identifying areas where the two can interconnect to the greatest positive effect, and also recommends practical steps to take in this direction.
Read the Article
|
Sensitive but Unclassified Information: A Threat to Physical Security
Defending our companies and the "critical infrastructure" of the United States must be extended to include physical security. Defending the physical security of a company or other critical assets does not lie in the exclusive domain of the security guard. That duty extends also to the information department.
Read the Article
|
Requirements for the Design of a Secure Data Center
Most companies do not have the luxury, or the financial depth, to locate data centers hundreds of feet below granite mountains with complete cities to support them. Proper planning and design will allow you to construct a facility that will be secure, defendable and cost effective. Some may read this and say that it is ridiculous to even consider some of the items suggested as possible threats. The biggest threat is the thing you don't consider. Every potential danger must be at least noted and the cost to protect against it evaluated.
Read the Article
|
Data Center Physical Security Checklist
This paper will present an informal checklist compiled to raise awareness of physical security issues in the data center environment. Information Security Specialists should use this checklist to ascertain weaknesses in the physical security of the data centers that their organization utilizes.
Read the Article
|
Laptop Security, Part One: Preventing Laptop Theft
his article, the first in a two-part series devoted to laptop security, will give a brief overview of how users can prevent laptop theft. In realization of the fact that no matter what users do, laptop theft will always be a possibility, the second article in this series will discuss steps that users can take to minimize the loss of valuable information through laptop theft.
Read the Article
|
Laptop Security, Part Two: Preventing Information Loss
In the first installment of this series on Laptop Security we discussed methods of preventing laptop theft using both hardware and software solutions. This article will cover some good methods of mitigating loss when a laptop has been stolen. As was stated in the first article, while a the software and hardware that makes up a laptop can be replaced at a limited cost, the information that may be lost when a laptop is stolen or lost may be invaluable or irreplaceable. This article will discuss ways in which to limit the loss of information.
Read the Article
|
Building a secure Internet Data Center Network Infrastructure
The principle goal of this paper is to provide best practice information on designing and implementing secure networks in an Internet Data Center. I will focus on the expected threats and their methods of mitigation, rather than on "Put the firewall here, put the intrusion detection system there." I will begin this document with an overview of the architecture, then details the specific modules that make up the actual network design. The first three sections of each module describe the traffic flows, key devices, and expected threats with basic mitigation diagrams. Detailed technical analysis of the design follows, along with more detailed threat mitigation techniques and migration strategies.
Read the Article
|
