Red Tape


Best Practices for Implementing Access Control Systems

Contributed by Isaac McGuire

As a network administrator or information security specialist, you might find yourself wondering if your network is safe. You are constantly asking yourself, “What can I do to ensure that the data on my network is protected?” One of the ways to protect your network is what I would like to talk about and that method is through access control systems. In this paper, I am going to cover what access control is. I am also going to talk about the two different types of access control, physical and logical, and some of the methods of both. Next, and the main point, I would like to talk about the security best practices for implementing access control systems. Access control systems are powerful security tools that can help you protect the data on your network.

This document is in PDF format. To view it click here.


PCI and Why it is Important

Contributed by Michael Mozingo

Millions of credit and debit card transactions are completed daily. Credit and debit card usage is steadily increasing, and with it, so is the treat of fraud. With the increase of payment card fraud, it is important for the merchants who accept these types of payments to have a common standard in place to provide security in keeping card holder information safe. This is where the Payment Card Industry, Payment Card Industry Security Standards Council (PCI SSC) and the Payment Card Industry Data Security Standards (PCI DSS) come into play.

This document is in PDF format. To view it click here.


Risk Management for Healthcare Systems

Contributed by Lamaris Davis

The responsibility of risk management in healthcare systems falls on multiple individuals within any given organization. It’s well known that most hospitals and healthcare systems do not have a completely practicable risk management system that spans across an entire organization and operational structure for the delivery of key services. Ensuring the security of protected health information (PHI) in your health IT system requires that you institute measures to guard against unauthorized use or disclosure of PHI. A risk management plan should have five key parts which are administrative safeguards, technical safeguards, physical safeguards, organizational standards, and policies and procedures. For any single risk, a combination of safeguards may be necessary because there are multiple potential vulnerabilities that exist that could negatively affect healthcare systems, according to the American Society for Healthcare Risk Management.


Incident Response Planning In Industrial Control Systems

Contributed by Bill Clark

This paper discusses what Incident Response (IR) Planning is, what Industrial Control Systems (ICS) are, and how IR Planning pertains to ICS security. IR Planning is the process of preparing for any type of adverse event, also known as an incident, which can cause a process degradation or failure in a system. A system can be hardware, software, or a combination of both. An event can be man-made or natural in origin. An ICS is a combination of hardware and software processes that use extreme precision to automate or control most of today’s manufacturing product lines, water and power utility production plants, and transportation systems for people and products. For ICS applications and data, availability is the first priority.  

This document is in PDF format. To view it click here.


Better Passwords and Policies

Contributed by David Patten

Everyday press releases cover information security breaches from many top companies. Often these breaches include releasing the passwords that were stolen. Sadly, these passwords are usually trivial to crack which leads to further exploitation. Simple passwords are a problem that is created by both human nature and by poor password policies and training. This paper will look at the tools used to crack passwords, the passwords users create, password policies, and look at some creative and innovate solutions to the password problem.

This document is in PDF format. To view it click here.


Subscribe to RSS - Red Tape