Red Tape

Thu
10
Dec

Maintaining a Secure Network in an Educational Environment

Contributed by Larry Jackson Jr.

In this paper I will discuss the network security issues associated with securing school networks and the common methods of minimizing risks. I will focus on security issues surrounding the WAN, LAN, Wireless devices, BYOD, antivirus and mobile devices. I will discuss the legal obligations in contrast to the needs of the district when dealing with the storage and accessing of student data. I will look into new trends associated with the transmission of malware through social media outlets and the procedures or policies that can be put into place to limit the occurrences. Finally, I will discuss ways to secure your guest networks or limit access to external users.

This document is in PDF format. To view it click here.

Wed
09
Dec

Advanced Persistent Threats: What Are They and Why Do I care

Contributed by Bryant Rossil

My term paper will focus on the protection of the enterprise against the business directed cybercrimes, Advanced Persistent Threats (APT). This paper will define what an APT is and some of the behaviors and characteristics associated with this sophisticated attack which are unlike the attacks businesses face daily. Showing how an APT works will also be present in this paper which will detail some of the ways APTs find there way into corporate systems. I will then focus on the detection of APTs and how an information security team can monitor these stealth attacks that can last an indefinite amount of time depending on the attackers goal. Lastly, I will cover the methods in which the business can deter these cyber attacks and the multiple ways to protect the company’s assets from these criminal operators.

This document is in PDF format. To view it click here.

Mon
07
Dec

Information Security Career Planning: Education, Training and the Role of Professional Certifications (Part 2)

Contributed by Ken Newman

PART 2 of 2: Regardless of options, there are some key elements that should be present in any form of education in order to provide lasting value to the information security professional. This article does not discuss technical details, although they are acknowledged as core to almost all levels of security professionals. Instead, the article focuses on those areas that create a “breadth” of softer skills in order to produce a more well-rounded and marketable individual.

This document is in PDF format. To view it click here.

Fri
27
Nov

Effective Controls for Attaining Continuous Application Security Throughout

Contributed by Caleb Sima and Vincent Liu

Given the choice, every organization would want secure Web sites and applications from the Web application development phase all the way through the software development life cycle. But why is that such a challenge to attain? The answer is in the processes (or lack thereof) that they have in place.

Fri
27
Nov

The Effect of Compliance on Database Integrity, Security and Administration

Contributed by Patti Jessup

The dawn of the 21st century saw advances in technology that allowed consumers and businesses to communicate and complete routine and complex transactions using a new vehicle – the internet. This new medium quickly became the status quo for millions of consumers to procure everything from mortgage loans to prescription refills. However, every cloud has a silver lining and a dark side. The dark side quickly materialized in the form of corporate mismanagement scandals, identity theft and privacy violations. New compliance regulations began to take shape in an effort to mitigate these issues. These regulations touch every aspect of a business from financial reporting to firewall configurations.

This document is in PDF format. To view it click here.

Pages

Subscribe to RSS - Red Tape