design, Microsoft, SharePoint, tools, website, website admin, website administration
analysis, education, ethereal, howto, IT education, Laura Chappell, Metrics, Monitoring, network analysis, Networking, packet analysis, packet capture, performance monitoring, protocol analysis, reporting, tcp/ip, tools, trace files, training, troubleshooting, wiresharkI recently posted an update about Laura Chappell's Chappell University Online seminars. I attended one of these seminars today. What...
0 Comments
RSS Feed
Email a friend
authentication, complex password, information security, Password, password strength, Security, strong password, toolPasswords are the bane of security but currently and historically the primary authentication method for users. Check out this article by Roger Grimes and see how your password policy stacks up using the Excel spreadsheet tool he provides for download. You can use the to convince management how weak...
0 Comments
RSS Feed
Email a friend
application security, Center for internet security, change management, CIS, incident management, information security, information security metrics, Metrics, patch management, Security, security metrics, vulnerability managementAs an information security manager I am always struggling with how to measure the security posture of my organization. As they say, you can't manage what you can't measure. There's lots of talk out there about ROI (Return on Investment) or ROSI (Return on Security Investment). These may be business...
0 Comments
RSS Feed
Email a friend
analysis, education, ethereal, howto, IT education, Metrics, Monitoring, network analysis, Networking, packet analysis, packet capture, performance monitoring, protocol analysis, reporting, tcp/ip, tools, trace files, training, troubleshooting, wiresharkI'm a huge fan of Laura Chappell. She has a great sense of humor and is a great educator about all things packet oriented. Previous posts about Laura have included:
0 Comments
RSS Feed
Email a friend
education, Networking, OSI model, tcp/ipHere is another source for educating yourself and some of your users on what networking is all about and why fixes are not always explained in simple terms. The example that the author gives of trying to explain to a casual air traveller how all of the devices on an aircraft work together for a...
0 Comments
RSS Feed
Email a friend
bcp, business continuity, business continuity planning, crisis communication, crisis management, crisis planning, disaster prepareness, disaster recovery, dr, education, enterprise risk management, erm, information security, risk management, standardsIf you are involved in IT you should also be involved in the disaster recovery planning and operations for your organization. There are quite a few resources to help with this activity. A very good free one just came across my desk that I wanted to share with you. It is called the...
0 Comments
RSS Feed
Email a friend
Defense in Depth, exploits, information security, information security management, Midmarket security, Security, Single Point of Failure, threats, Unified Threat Management, UTM, vulnerabilitiesAn ITKE poster recently asked a great question.
Experts tout unified threat management appliances as an ideal antimalware, intrusion prevention and content filtering firewall for midmarket companies. But doesn't this counter the long-standing security practice of defense-in-depth? With...
0 Comments
RSS Feed
Email a friend
