Et Cetera

Thu
13
Aug

Security Content Automation Protocol: Is it Beneficial?

Contributed by John Rayborn

The intent of this paper is to provide a discussion on what the Security Content Automation Protocol (SCAP) is, how organizations can utilize SCAP, and why SCAP is important to Information Security Management. Further, this paper will also look to explain the components and processes that make up SCAP, an overview to the process for vendor product’s to receive SCAP validation, and how organizations look to ensure systems on the enterprise networks are compliant with Federal Information Security Management Act (FISMA) of 2002 requirements through SCAP tools and methodology usage. This paper is meant to be informational as well as educational for awareness and discussion purposes.

This document is in PDF format. To view it click here.

Thu
13
Aug

Bring Your Own Devices in Business and Education

Contributed by Theresa Meza

Tue
11
Aug

Comparison of SNMP: Versions 1, 2 and 3

Contributed by Eddie Bibbs, Brandon Matt, and Xin Tang

During its development history, the communities of researchers, developers, implementers and users of the DARPA/DoD TCP/IP protocol suite have experimented with a wide range of protocols in a variety of different networking environments. The Internet has grown, especially in the last few years, as a result of the widespread availability of software and hardware supporting this system. The scaling of the size and scope of the Internet and increased use of its technology in commercial applications has underscored for researchers, developers and vendors the need for a common network management framework within which TCP/IP products can be made to work.

This document is in PDF format. To view it click here.

Fri
07
Aug

Technologies for Securing Healthcare Computer Networks

Contributed by Ming-Li Tabor

One celebrity’s photos were posted online. She uploaded her pictures to Apple iCloud. Therefore, her conclusion was that Apple iCloud was breached. Apple Company claimed their system was not breached. In the health care area, medical records are not the only data in the file. Patients use credit cards to pay bills. A patient can be like the celebrity and lose information, such as credit card numbers, social security number, or medical records. Patients could lose private information in a health care company also. These situations include intrusion by hackers, government or other corporates. Sometimes damage was from authorized users not using the data properly. The prevention will include cryptographic tools, access control, user authentication, intrusion detection, and firewalls. Examples and analysis of security technology can help to improve the network security of health care matters.

Tue
04
Aug

Too Easy? Finding personal Information on the World Wide Web has never been so easy

Contributed by Charles Hornat

I will be returning to the days where I contribute papers to help those interested in learning about Information Security or giving tips or pointers to those more experienced. I have been doing security now for over 20 years and I have seen security change its focus from networks and Internet to servers and workstations, to application based, to where we are today, data based. It seems the biggest challenge we, as security professionals have facing us, is identifying the “Crown Jewels” of our companies, and protecting them. This means a more focused approach to protecting actual data, not so much the network, the servers, the applications, or the Internet. Of course these things should not be neglected, and a layered approach is mandatory, but more focus needs to be made on the protection of the actual data than a system or network nowadays, in my opinion.

Pages

Subscribe to RSS - Et Cetera