Red Tape


Information Security Policy for Small Business

Security Policy

Contributed by Bruce D Waugh in 2008 and pulled from the old Infosecwriters archives.

Information security policy, while being one of the most important steps in helping to secure an information system, is also one of the most frequently overlooked and misunderstood in small businesses. Performing the steps necessary to create strong, effective, and more importantly, enforceable policy are usually perceived to be beyond the resources of most small businesses. Yet with the pervasiveness of small business, these information systems can become unwitting tools for attackers and provide a stepping stone for larger attacks on enterprise networks.

By understanding the pertinent issues in creating and maintaining effective policy, small businesses can create workable rules by first understanding the psychology of their workers, the Information landscape in which they operate, and the value of the information being protected.


Best Practices to Minimize Risks for Online Gaming

Contributed by Emily Walters.

Online gaming is a market that is growing as more multiplayer, internet based games are released. With this growing market comes a growing risk for the consumers. While games are being given more features that are unique, it is opening up possibilities for security risks. It is the people who play video games responsibility to stay informed, be aware, do research, and comply with a benevolent gaming social experience. Unfortunately, not all gamers want to have a safe and fun environment for all to enjoy. Some of these people want to create problems for the companies providing the gaming service, or people who enjoy the game. So, what practices can gamers use to minimize security risks for online gaming?


The Information Security Management System in Healthcare Computer Networks

Contributed by Ming-Li Tabor

Sony Pictures Entertainment got cyber attacked and was requested to cancel the film, The Interview. The security of the network was vulnerable to the attack. In the health care sector, patients’ medical and personal information are electronic records, which are vulnerable to hackers. The purpose of research is to increase the awareness and translate the importance of information security. The organizations of health care should ensure the confidentiality, integrity, and availability of the health care personal information. The information security management system includes policies which are related to information security and risks. The contents include security management and risk assessment, security controls, plans, and procedures, physical security, human factors security, security auditing, and computer security models.


Awareness of BYOD Security Concerns

Contributed by Benjamin Tillett-Wakeley


An Inquiry into Privacy Concerns: Memex, the Deep Web, and Sex Trafficking

Contributed by Jeffery Hammonds

This research study will examine how large scale data mining may negatively affect privacy as it helps solve national and international sex trafficking crimes. The data mining tool researched here is the Memex Project; created, implemented, and managed by the United States Defense Advanced Research Projects Agency (DARPA). The Memex Project senses patterns in large amounts of data and makes connections. Memex was created to assist the federal government in cracking down on human trafficking. It may also be used by national governments in the fight against terrorism in the near future. While the Memex Project’s purpose is admirable, it could be used as a tool to intrude on the privacy of law-abiding citizens. As part of this research study, a breakdown of how data mining is defined and regulated by United States law will also be examined.


Subscribe to RSS - Red Tape