Red Tape

Contributed by Rahul Ravella

In this day and age, business compete with each other ruthlessly to get a better edge over their competitor to sell their product. These businesses have some guidelines. One of the guidelines is to guard the business’s information and the information of their customers from the prying eyes of the hackers and their rivals. In order to do this, it is very important to implement an information security management answer that provides enough security for different types of data that is in the business that could be either digitally stored or contracts or written down documents on paper. (leod1, 2011)

This document is in PDF format. To view it click here.

Contributed by Michael Haythorn

Assessing risk is a fundamental responsibility of information security professionals. The basic need to provide products or services creates a requirement to have assets. With assets comes the need protect them from the potential for loss. Conducting a risk assessment is an essential step for organizations in order to ensure than proper controls are in place to protect assets that are critical to business functions. Risk assessment can be a very complex task, one that requires multiple methodologies and resources to perform quantitative and qualitative analysis based on factual evidence as well as subjective opinion. Ultimately the organization bears the responsibility for accurate analysis and control measures.

This document is in PDF format. To view it click here.

Contributed by Cornell Walker

Today the computer has impacted almost every facet of our lives and has become a major means of communication. One of the areas which has seen the most impact is how we maintain and store data. This data is stored in the form of logs, files, spreadsheets, or email to name a few. And along with the means to store this data, we have developed many techniques to retrieve this data.. Once retrieve, this data can be used to restore information, show a history, or used as evidence to arrive at a conclusion – even if the conclusion is within our courts. This paper takes a brief look at a new science that has developed as a result of the way we now store and maintain that data; “computer forensics,” and how this new science has impacted court decision and rulings regarding computer records. The areas of concern are: cleanliness of the evidence and how does the court define “computer records.”

Contributed by Steve Purser

Of all the skills that the modern security manager must possess, good communications is arguably the most basic. Most of us have seen innovative ideas fail at some time or other because they weren’t communicated in the right way and many of us have watched our own projects flounder for similar reasons. Speaking as part of a generation that was taught to fight for what it believes in, it is easy to appreciate how enthusiasm and the will to succeed can quickly become a handicap if not managed correctly. As a practicing security manager I continually meet people who are good at arguing their case, but it is far more difficult to find people who have the patience to listen to other points of view and to adapt their game plan accordingly.

This document is in PDF format. To view it click here.

Contributed by Steve Purser

The arrival of affordable and reliable network technology in the nineteen-nineties, followed by the move towards global connectivity and the success of the Internet as a medium for carrying out business, have drastically changed the way in which the modern enterprise operates. The positive aspects of this network revolution are difficult to overstate. Large international concerns have been able to make major efficiency gains, streamlining their operations and greatly reducing cost, whilst small and medium sized companies have benefited from the possibility of widening their markets to an international clientele. Last but not least, consumers have benefited from the ability to compare prices from disparate sources rapidly and to make purchases from their own home.

This document is in PDF format. To view it click here.