Addressing and Implementing Computer Security for a Small Branch Office
Implementing security measures and security awareness for a small branch office raises a different set of questions and provide some unique challenges than when one is implementing security for central or main location. Who determines the security policy? How is the policy enforced? Who implements the security? Local staff? Staff from the main site? Is it outsourced? In a location with different organizational units represented, who determines the cost of not providing security? There is no "one size fits all" solution. It is important to understand the issues and work within the organizational structure to develop awareness and policies that will comply with the global requirements of the organization while permitting the remotely located staff to work efficiently and effectively.
Read the Article
|
Responsibilities of the "small shop" in a post 11 Sept world
Before examining the new frame of reference and answering the question, some context should be established. The phrase "small shop" may have different meanings to different people. In order to explain the phrase as used here a couple of examples would be; an at home DSL user with one or more machines, or a group with a limited IT staff, or just contractors, and a full time Internet connection. Even with 30 users, 1 admin and about 300 occupied IPs I consider my own organization a small shop. No matter what type of small shop is used as a reference though, most people would probably agree the issues and problems faced by the small shop are significantly different than those faced by their larger counterparts. The notable exception should be when it comes to computer security.
Read the Article
|
Multi-Layered Approach to Small Office Networking
This paper will address several areas that small business owners should consider as they deploy and grow their office network. It begins with an overview of network basics, briefly describing two popular network topologies. After the topology overview, the paper will explore several topics that are combined to provide layers of defense against malicious activity directed at their network, either from internal or external sources.
Read the Article
|
Fighting Cyber Terrorism - Where Do I Sign Up?
The only knowledge that we need to be imparted with is to know that every critical system is secured from these cyber terrorists. We need to know that these types of detrimental acts will never happen to us. We need to know that we can live without the fear of a full-scale infrastructure network disruption. Unfortunately, at this point and time, I don't have that knowledge. It's clear that this country, and others, have a long way to go to fully prepare and defend against a major electronic attack. I believe that the government and the private sector are starting to realize the importance of a good cyber defense. The events of the past month have changed all of our lives. Perhaps some of us are ready to join this fight against these cyber criminals? I know I am.
Read the Article
|
Building an Information Assurance Framework for a Small Defense Agency
As information security continues to capture headlines in our daily lives, it is imperative that businesses have an Information Assurance Framework - a solid plan of action with the required tools, trained personnel, and tested procedures - that is capable of protecting valuable information assets. However, many organizations with low risk data have not focused on information security and have not put adequate life-cycle controls in place to ensure continuous protection. That is the case at our small defense agency. This paper attempts to glean best practices from many sources to define the steps we must to take to implement and manage an Information Assurance Framework.
Read the Article
|
Big Brother at the Office: Friend or Foe?
There are many aspects of employee monitoring that must be taken into account before determining if it is right for your organization. This paper outlines most of the issues and attempts to present an objective presentation of the information from both the employee and employer's perspectives. You will have to evaluate all of the available resources, weigh the benefits versus the disadvantages of monitoring and determine if it is right for your organization. While monitoring is often times directed or led by the human resources departments of many organizations, network and security administrators generally carry out the orders. Security professionals can gain from monitoring by some of the possible benefits including: prevention of data theft and the reduction in the risk associated with employees visiting "hacker", "warez" and other questionable content websites.
Read the Article
|
Distributed Computing: An Unstoppable Brute Force
Distributed computing allows groups to accomplish work that was not feasible before with supercomputers, due to cost or time constraints. Although the primary functions of distributed computing systems is to produce needed processing power to complete complex computations, distributed computing also reaches outside of the processing arena to other areas such as network usage. When used properly, both areas compliment each other and can produce needed results.
Read the Article
|
Security Concerns in Using Open Source Software for Enterprise Requirements
This paper highlights the security concerns of the end users in considering open source software for their enterprise requirements. This paper also highlights the risks pertaining to open source software and recommends certain guidelines following which these risks can be mitigated. These guidelines would help an end user to thoroughly evaluate open source software before they are considered for mission-critical functions.
Read the Article
|
Outline for a Successful Security Program
This paper is meant to give the reader an outline and high level view of security topics to examine when creating a network security program. This paper is broken into fifteen sections related to security. It has been my experience that most security programs will have to give some attention to each of these sections in order to be successful. Some of the topics I will discuss include: security policies, firewalls, intrusion detection systems, documentation and disaster recovery.
Read the Article
|
How To Secure Your Small To Medium Size Microsoft Based Network: A Generic Case Study
In this paper I intend to explain the basic process of securing a small to medium sized network. I will create a make believe company network and give some examples of how to secure the network with some commonly used products and techniques in a case study format. I will use references to freely available information on the Internet to help me secure this network. The examples are based on Microsoft and Cisco platforms because they are the most commonly used platforms and they are the ones I am most familiar.
Read the Article
|
