ComputerWorld magazine ran a great little chart one week on the
12 Layers of Adequate Security. They are:
1) Chief Security Officer
2) OCTAVE methodology (developed by CERT)
3) Authentication
4) Firewalls
5) Intrusion-Detection Systems
6) Virus Scanners
7) Policy Management Software
8) Vulnerability Testing
9) Encryption
10) Proper System Administration
11) Active Content Filtering
12) Incident Response Plan/Continuity of Operations
There is a book on the OCTAVE methodology, "Managing Information Security Risks: The OCTAVE Approach". The link will take you to Amazon.
I've put an assessment methodology together to teach in a security class at the university I work at. It's a bit watered down, but it worked well as a teaching tool. I'm hoping to work on it for use as an assessment tool for us to use as staff to look at our own operations.
An interesting report on the use of Free and Open Source Software by the DoD.