I recently learned about
SKiP, Security Knowledge in Practice, in one of my classes at UAT and I am very
intrigued by it. I did not realize that
the problem-based approach was the common.
I guess that is one of the great advantages of SKiP, being a
process-based approach to organize and implement security. I used to work in a small organization that
was based on federal grants. The
turn-over rate for employees was also high.
Looking back now, I realize we utilized the problem-based approach to
security. Does anybody have any
suggestions on how to begin attempting to build and sustain security for our
information assets? Would a
“clean-slate” work best or would incorporating one asset at a time be the best
way? Also, does anybody have experience
with SKiP and smaller organizations? Any
advice would be helpful.
Software/Hardware used: Microsoft Server 2003, Windows XP, Office 2007
Free Guide: Managing storage for virtual environments
Complete a brief survey to get a complimentary 70-page whitepaper featuring the best methods and solutions for your virtual environment, as well as hypervisor-specific management advice from TechTarget experts. Don’t miss out on this exclusive content!