June 15, 2009 8:45 PM
Posted by: Troy Tate
contract negotiation,
cost reduction,
managed services,
management,
negotiation,
proposal,
request for proposal,
rfp,
Service Level Agreement,
sla,
strategy,
support,
vendor management,
vendor selectionThe first post in this series covered two questions: Where are you? and Where do you want to go?
This second article in the series will describe the calendar of events or...
May 26, 2009 7:34 PM
Posted by: Troy Tate
analysis,
education,
ethereal,
howto,
IT education,
Laura Chappell,
Metrics,
Monitoring,
network analysis,
Networking,
packet analysis,
packet capture,
performance monitoring,
protocol analysis,
reporting,
tcp/ip,
tools,
trace files,
training,
troubleshooting,
wiresharkI recently posted an update about Laura Chappell's Chappell University Online seminars. I attended one of these seminars today. What...
May 22, 2009 6:03 PM
Posted by: Troy Tate
authentication,
complex password,
information security,
Password,
password strength,
Security,
strong password,
toolPasswords are the bane of security but currently and historically the primary authentication method for users. Check out this article by Roger Grimes and see how your password policy stacks up using the Excel spreadsheet tool he provides for download. You can use the to convince management how weak...
May 22, 2009 3:24 PM
Posted by: Troy Tate
application security,
Center for internet security,
change management,
CIS,
incident management,
information security,
information security metrics,
Metrics,
patch management,
Security,
security metrics,
vulnerability managementAs an information security manager I am always struggling with how to measure the security posture of my organization. As they say, you can't manage what you can't measure. There's lots of talk out there about ROI (Return on Investment) or ROSI (Return on Security Investment). These may be business...
May 21, 2009 12:57 PM
Posted by: Troy Tate
analysis,
education,
ethereal,
howto,
IT education,
Metrics,
Monitoring,
network analysis,
Networking,
packet analysis,
packet capture,
performance monitoring,
protocol analysis,
reporting,
tcp/ip,
tools,
trace files,
training,
troubleshooting,
wiresharkI'm a huge fan of Laura Chappell. She has a great sense of humor and is a great educator about all things packet oriented. Previous posts about Laura have included:
May 11, 2009 2:28 PM
Posted by: Troy Tate
bcp,
business continuity,
business continuity planning,
crisis communication,
crisis management,
crisis planning,
disaster prepareness,
disaster recovery,
dr,
education,
enterprise risk management,
erm,
information security,
risk management,
standardsIf you are involved in IT you should also be involved in the disaster recovery planning and operations for your organization. There are quite a few resources to help with this activity. A very good free one just came across my desk that I wanted to share with you.
It is called the...
May 7, 2009 7:33 PM
Posted by: Troy Tate
Defense in Depth,
exploits,
information security,
information security management,
Midmarket security,
Security,
Single Point of Failure,
threats,
Unified Threat Management,
UTM,
vulnerabilitiesAn ITKE poster recently asked a great question.
Experts tout unified threat management appliances as an ideal antimalware, intrusion prevention and content filtering firewall for midmarket companies. But doesn't this counter the long-standing security practice of defense-in-depth? With...
April 29, 2009 1:02 PM
Posted by: Troy Tate
browser,
browser security,
Chrome,
Firefox,
Internet Explorer,
Safari,
Security,
web development,
web securityIf you develop websites or manage webservices, then you should check out the Browser Security Handbook that Google publishes on their code.google.com website. The Browser...
April 27, 2009 1:29 PM
Posted by: Troy Tate
mib,
Monitoring,
netadmin,
performance monitoring,
protocol,
rfc,
snmp,
sysadmin,
tools,
trend analysisSNMP - Simple Network Management Protocol has been around since the late 1980's (RFC 1065, 1066, 1067)....
