Security Program Management Questions


Information Security Awareness
We are in the early stages of creating an Information Security program for our new company. I would like to email monthly security tips, tidbits, etc. for Security Awareness to all employees. Have you seen any “catchy”, grab-your-attention type email subject lines and/or icons, so we can catch people’s attention to these monthly [...]

Answer Question   |  June 14, 2011  6:43 PM
Information security, IT security, Security, Security Program Management
asked by:
5 pts.

How Many Information Security Policies Do I Need?
I need some advice from other security experts. I was recently hired to work for a small company where our data and infrastructure are at a managed hosting facility. The hosting service has a SAS 70 that is regularly audited. My company in the past relied – almost solely – on the managed service security [...]

Answer Question   |  January 5, 2011  3:49 AM
ISO 17799, Network security, Network Security Policies, SAS 70, SAS 70 Type II audit compliance, Security Program Management
asked by:
10 pts.

Microsoft’s Defender management and monitoring
Can Microsoft’s Defender be managed centrally from a server? Can I review logs across the domain? Is this possible or is there a similar corporate offering from Microsoft?

Answer Question   |  September 13, 2010  1:31 PM
Domain, Domain Administration, Security in 2010, Security management, Security Program Management, Windows Application
asked by:
1,110 pts.

Open IT Forum: What security-related lessons have you learned?
What is the hardest or most costly (whether it be time, money or pride) lesson you or your company has learned regarding security? We want to hear your security-related stories, concerns and blunders in the discussion area. The most entertaining or insightful stories have 200 knowledge points waiting for them.

Answer Question   |  September 14, 2010  2:27 PM
Open IT Forum, Security in 2010, Security management, Security Program Management
asked by:
6,315 pts.

What do you foresee as your biggest security concerns in the upcoming year?
As you begin planning for next year’s department spending and resource allocation, what do you foresee as your biggest areas of security concern in the upcoming year? Do you think particular areas will require special attention or resources?

Answer Question   |  September 24, 2009  4:43 PM
Open IT Forum, Security management, Security Metrics, Security Planning, Security Program Management
asked by:
4,265 pts.

IT Security
With all the talk about security certifications and working in IT security being hot right now and in the future, I was wondering if it would make more sense to try and get the Security + certification before trying to get another IT certification such as the MCSA (Microsoft Certified Systems Administrator)? I’ve heard that [...]

Answer Question   |  June 18, 2008  2:47 PM
Application security, Career development, Career in Information Security, Careers in networking, Certification and specializations, Certifications, CISSP, CISSP certification, Desktop security, IT careers, MCSA, MCSE, Microsoft Windows, Network security, Networking, Networking certifications, Platform Security, Security, Security certifications, Security management, Security Program Management, Securitychannel, Staffing, Windows Security
asked by:
10 pts.

SAP Security outside in
Question, I came to this company 1yr ago and noticed immediately they had not implemented Security!!! SAP_ALL for everyone in Production!!! So as my second BIG project I took on, Security. In building the profiles for these people I came across 2 problems which are holding me from rolling out these profiles I built, which [...]

Answer Question   |  September 12, 2008  3:16 PM
SAP, SAP security, Security Program Management, VB, Visual Basic
asked by:
5 pts.

Selecting an area within security to start
Hi, I’m studying for an MSc in Information Security from Royal Holloway University of London, I have a B.Engg. degree in computers and a PG Diploma in Networking and Communication as well as the CCSA and CCNA. I’m also studying for the CISSP. Now, with all these qualifications, could you please tell me which would [...]

Answer Question   |  June 25, 2008  4:06 PM
Access control, Application security, Biometrics, Browsers, Career development, CCNA, CCSA, Certifications, CISSP, Compliance, configuration, CRM, Current threats, Database, Digital certificates, Disaster Recovery, Encryption, Exchange, Firewalls, Forensics, Hacking, Identity & Access Management, Incident response, Intrusion management, MCSE, Network security, Networking, patching, PEN testing, Platform Security, Policies, Risk management, Secure Coding, Security, Security Program Management, Spyware, SSL/TLS, Trojans, Viruses, VPN, vulnerability management, Web security, Wireless, worms
asked by:
0 pts.

Compliance to Acts
How can software for URL/content filtering or mail scanning be made compliant with HIPAA, the Sarbanes-Oxley Act, etc.? What features are required to be implemented to make it compliant?

Answer Question   |  March 3, 2007  9:55 AM
Compliance, CRM, Disaster Recovery, Laws, Policies, Regulations, Risk management, Security Program Management, standards
asked by:
0 pts.

Moving into the InfoSec role
I work at a company that currently does not have a position dedicated to information security. I come from a background in networking with a good portion of my focus on firewalls and other security-related technologies. I am interested in positioning myself into the role of InfoSec Admin at my company and was hoping [...]

Answer Question   |  December 22, 2006  1:36 PM
Access control, Application security, backdoors, Biometrics, Browsers, Compliance, configuration, CRM, Current threats, Database, Digital certificates, Disaster Recovery, Encryption, Exchange, filtering, Firewalls, Forensics, Hacking, human factors, Identity & Access Management, Incident response, Instant Messaging, Intrusion management, Network security, patching, PEN testing, Platform Security, Policies, provisioning, Risk management, Secure Coding, Security, Security Program Management, Security tokens, Servers, Single sign-on, Spyware, SSL/TLS, Trojans, Viruses, VPN, vulnerability management, Web security, Wireless, worms
asked by:
0 pts.

Wireless VLAN
Hi all, is it possible to have one link from a switch to an access point and split the network into two networks, a wireless network from the AP and a wired port for a user connected through RJ45, and still keep it secured?

Answer Question   |  October 1, 2008  3:04 AM
Availability, Bandwidth, Compliance, configuration, CRM, Disaster Recovery, Ethernet, FDDI, H.323, IPv4, IPv6, Network protocols, Networking, patching, PEN testing, Platform Security, Policies, Risk management, Security, Security Program Management, TCP, VoIP, vulnerability management, Wireless
asked by:
0 pts.

Blue Socket Gateway and Certificates
We are currently attempting to implement a Blue Socket Gateway in order to authenticate our wireless clients. I have been instructed by Blue Socket that the certificate used by them will not work through a NAT translation and that I should put this device on the outside of my ASA firewall. Apparently, when the Blue [...]

Answer Question   |  November 8, 2006  5:05 PM
Access control, Active Directory, Application security, Browsers, Compliance, CRM, Database, Desktops, Disaster Recovery, Encryption, Exchange, filtering, Firewalls, Forensics, Incident response, Instant Messaging, Intrusion management, Management, Microsoft Windows, Network security, Networking, OS, Policies, Risk management, Secure Coding, Security, Security Program Management, Servers, SQL Server, SSL/TLS, VPN, Web security, Wireless
asked by:
0 pts.

Security problem
Hello, I have a small workgroup of 10 computers in my office. I do some personal work in the office, like using Yahoo Messenger, checking personal e-mails and some online banking sites. But how does one of my seniors know it? I do everything alone and securely so that nobody in the office knows it. But he [...]

Answer Question   |  February 19, 2008  3:44 AM
Access control, Application security, backdoors, Backup & recovery, Biometrics, Browsers, Career development, Compliance, configuration, CRM, Current threats, Data analysis, Database, DataCenter, DataManagement, DB2, Desktop management applications, Development, DHCP, Digital certificates, Disaster Recovery, DNS, Ecommerce applications, Encryption, Enterprise Desktop, Exchange, Exchange security, filtering, Firewalls, Forensics, Hacking, human factors, Identity & Access Management, Incident response, Instant Messaging, Intel, Interoperability, Intrusion management, LANDesk, Lotus Domino, McAfee, Microsoft Systems Management Server, Microsoft Windows, Mobile security, Network security, Networking, Networking services, Oracle, patching, PC/Windows Connectivity, PEN testing, Platform Security, Policies, Postini, provisioning, Risk management, Secure Coding, Security, Security Program Management, Security tokens, Servers, Single sign-on, Software, Spam, Spyware, SSL/TLS, Symantec, Systems management software, Tech support, Trojans, Vector Networks, Viruses, VPN, vulnerability management, Web security, Wireless, worms
asked by:
10 pts.

Application Access Control Management
Is there an enterprise-wide software management program that can manage access to our web-based applications, vendor-specific programs located throughout the entire company, and our MS applications, including MS Outlook? In other words, we would like to control all of the various software programs and applications through the use of one product. For [...]

Answer Question   |  February 17, 2011  11:38 AM
Biometrics, Compliance, CRM, Digital certificates, Disaster Recovery, Identity & Access Management, Policies, provisioning, Risk management, Security Program Management, Security tokens, Single sign-on, Systems management software
asked by:
0 pts.

DoS attack
I have been receiving security alert messages from our firewall nearly every day, e.g. TCP Packet – Source:144.120.8.89,39341 Destination:192.168.1.1,25 – [DOS] TCP Packet – Source:210.7.0.36,3473 Destination:210.7.12.23,135 – [DOS] Thu, 2006-10-19 16:30:03 – UDP Packet – Source:192.168.1.111,1443 Destination:202.62.124.238,53 – [Any(ALL) match] Can someone help me… Thanks in advance, Wanz.

Answer Question   |  July 8, 2009  4:36 PM
Access control, Application security, backdoors, Biometrics, Browsers, Compliance, configuration, CRM, Current threats, Database, Digital certificates, Disaster Recovery, Encryption, Exchange, filtering, Firewalls, Forensics, Hacking, human factors, Identity & Access Management, Incident response, Instant Messaging, Intrusion management, Network security, patching, PEN testing, Platform Security, Policies, provisioning, Risk management, Secure Coding, Security, Security Program Management, Security tokens, Servers, Single sign-on, Spyware, SSL/TLS, Trojans, Viruses, VPN, vulnerability management, Web security, Wireless, worms
asked by:
0 pts.

Allow regular user to unlock screensaver locked computer
We have the problem that in a multiuser environment users either lock their computers, or have the screensaver automatically lock it, and leave the workstation. As a result, nobody else can use that computer. By default, only the current user or an administrator can unlock the computer. I would like to allow select users who [...]

Answer Question   |  November 24, 2007  1:31 AM
Biometrics, Compliance, CRM, DataCenter, Desktop management applications, Digital certificates, Disaster Recovery, Identity & Access Management, Network management software, Networking, Policies, provisioning, Risk management, Security, Security Program Management, Security tokens, Single sign-on, Systems management software
asked by:
0 pts.
