X
Start evaluating software now

 Security code
Already have a TEC account? Sign in here.
 
Don't have a TEC account? Register here.

Information Security Selection
Information Security Selection
 

 handbook of information security


HIPAA-Watch for Security Speeds Up Compliance Part One: Vendor and Product Information
HIPAA-Watch for Security is a tool designed to guide organizations through the risk analysis required by the Health Insurance Portability and Accountability Act

handbook of information security  Krause, Information Security Management Handbook , 4th Edition , Auerbach Publications, 2004 About the Author Laura Taylor is the President and CEO of Relevant Technologies ( http://www.relevanttechnologies.com ) a leading provider of original information security content, research advisory services, and best practice IT management consulting services. Copyright 2004, Relevant Technologies, Inc. All rights reserved.

Read More


Information Security RFI/RFP Template

Firewall System, Intrusion Detection System, Anti-Virus System, Virtual Private Network (VPN), Public Key Infrastructure (PKI), Enterprise Applications, Cryptographic Module ... Get this template

Read More
Start evaluating software now

 Security code
Already have a TEC account? Sign in here.
 
Don't have a TEC account? Register here.

Information Security Selection
Information Security Selection

Documents related to » handbook of information security

Financial IT Reg Enforcement Service: Using FFIEC Security Best Practices to Ensure Laptops and PCs are Secure and Compliant


Lawmakers and auditors have begun to require extensive safeguards for personal data residing on laptops, distributed personal computers, and handheld devices. They are also mandating protections for data being transferred to and from mobile employees over wireless connections and public networks. This white paper discusses the ensuing challenges faced by financial institutions and describes some of the tools that exist to prove compliance.

handbook of information security  IT Reg Enforcement Service: Using FFIEC Security Best Practices to Ensure Laptops and PCs are Secure and Compliant Lawmakers and auditors have begun to require extensive safeguards for personal data residing on laptops, distributed personal computers, and handheld devices. They are also mandating protections for data being transferred to and from mobile employees over wireless connections and public networks. This white paper discusses the ensuing challenges faced by financial institutions and Read More

Not Just Words: Enforce Your E-mail and Web Acceptable Usage Policies


Unmanaged employee use of e-mail and the Web can subject your organization to costly risks including litigation, regulatory investigations, and public embarrassment. Responsible organizations should deploy clearly written acceptable usage policies (AUPs) for e-mail and Web usage, supported by employee training and enforced by technology solutions. Find out how to develop and enforce e-mail and Web AUPs in your workplace.

handbook of information security  Nancy Flynn, The ePolicy Handbook, 2nd Edition, New York, AMACOM, 2008. Alex Berenson, Lilly Considers $1 Billion Fine to Settle Case, The New York Times (January 31, 2008), www.nytimes.com /2008/01/31/business/31drug.html. See also Ina Fried, The High Cost of E-Mail Autocomplete, CNETNews. com (February 5, 2008), www.news.com /8301-138603-9865371-56.html. See also Katherine Eban, Lilly's $1 Billion E-Mailstrom, Conde Nast Portfolio.com (February 5, 2008), www.portfolio.com Read More

The 2008 Handbook of Application Delivery: A Guide to Decision Making


IT organizations can no longer manage networks in isolation from the applications they support, requiring a shift from focusing on devices to a focus on performance. But a number of factors complicate the task of ensuring acceptable application performance, including the lack of visibility into application performance. Learn tips to plan, optimize, manage, and control your application performance and improve delivery.

handbook of information security  2008 Handbook of Application Delivery: A Guide to Decision Making The 2008 Handbook of Application Delivery: A Guide to Decision Making If you receive errors when attempting to view this white paper, please install the latest version of Adobe Reader.   When NetQoS was founded in 1999, traffic over the WAN was increasing in volume and complexity, leading to growing application performance issues. However, most approaches to network management still focused on device availability and fault Read More

Intranets: A World of Possibilities


An intranet precisely built can thoroughly simplify work processes and provide a repository of all internal, electronic data. It empowers employees and reduces the waste that paper-based documents create

handbook of information security  She accesses the employee handbook and online training program, and certifies when both have been reviewed. HR and authorized branch management can readily access all documentation. When the employee undergoes a name change or moves to a new address, she can complete an online form that will replace the information everywhere necessary, eliminating redundant processes. Technological Requirements What technology is required to operate an intranet? The technology is relatively modest compared to other Read More

Security Information Market Heading for Growth


The growth of security vulnerabilities is creating a new market for security information. With link sharing and cooperation among sites, it is not clear that this market is nearly as predatory as some publishing markets.

handbook of information security  Information Market Heading for Growth Security Information Market Heading for Growth L. Taylor - August 31, 2000 Event Summary It is estimated that the security information market will grow to a $1.5 billion by 2003.[1] With a dearth of security professionals available, viewing online security articles offers companies the opportunity to gain information, and improve system security knowledge at low overhead and a fast pace. Via the web, IT organizations can find out about security bugs, patches, Read More

Web Hosting Security 2014


Security is a growing threat for hyper-connected and Internet-dependent businesses whose activities increasingly rely on Web hosting servers. This paper examines the extent to which businesses are vulnerable to security breaches and gives an overview of best strategies for protection.

handbook of information security  Hosting Security 2014 Security is a growing threat for hyper-connected and Internet-dependent businesses whose activities increasingly rely on Web hosting servers. This paper examines the extent to which businesses are vulnerable to security breaches and gives an overview of best strategies for protection. Read More

E&Y Spins-Off eSecurity Online and Unveils Security Vulnerability Assessment Services


In an effort to assist corporations in preventing security related losses, Ernst & Young announced that it is spinning off a new online security venture. The new venture's lead product line is their Security Vulnerability Assessment service.

handbook of information security  Y Spins-Off eSecurity Online and Unveils Security Vulnerability Assessment Services E&Y Spins-Off eSecurity Online and Unveils Security Vulnerability Assessment Services L. Taylor - July 12, 2000 Event Summary In an effort to assist corporations in preventing security related losses, Ernst & Young announced that it is spinning off a new online security venture. The new venture's premiere product line is their Security Vulnerability Assessment service. Market Impact By having an outside objective security Read More

Security Risk Assessment and Management in Web Application Security


Corporations are at risk because Web applications and servers make them susceptible to hackers and cyber crooks. However, companies can perform security risk assessments that mitigate risk by applying security risk management policies designed to protect a company’s data.

handbook of information security  Risk Assessment and Management in Web Application Security Originally published January 27, 2006 Security risk assessment and security risk management have become vital tasks for security officers and IT managers. Corporations face increased levels of risk almost daily from software vulnerabilities hidden in their business-technology systems to hackers and cyber crooks trying to steal proprietary corporate intellectual property, including sensitive customer information. An ever-growing list of Read More

Malware Security Report


Learn how to protect your company in the VeriSign Malware Security Report.

handbook of information security  Security Report Silent and unseen, malware can infect your servers and Web sites, destroy customer trust—and put your business at risk. And the problem is getting worse as cyber criminals use increasingly sophisticated techniques to spread malware through the Web. Learn how to protect your company in the VeriSign Malware Security Report . You'll learn about the methods cyber criminals use, how they attempt to profit at your expense—and how you can stop them. Protect your company from the Read More

Malware Security Report: Protecting Your Business, Customers, and Bottom Line


Find out how in Malware Security Report: Protecting Your Business, Customers, and Bottom Line.

handbook of information security  Security Report: Protecting Your Business, Customers, and Bottom Line Malware is malicious software designed to attack and damage your business. Defining malware is simple, protecting against it is not. Malware can piggyback undetected in e-mails, instant messages, Web sites, and peer-to-peer connections—no organization is safe. But you can defend against malware attacks. Find out how in Malware Security Report: Protecting Your Business, Customers, and Bottom Line . You'll learn how cyber Read More

Ernst & Young Leads Big 5 in Security


Announcing an upgrade to its online security portal, Ernst & Young, takes the lead in big 5 security services.

handbook of information security  & Young Leads Big 5 in Security Ernst & Young Leads Big 5 in Security L. Taylor - May 19, 2000 Event Summary Announcing an upgrade to its online security portal, Ernst & Young is clearly out in front of the big five when it comes to security consulting services. Its newly expanded online portal, eSecurityOnline.Com, offers a multitude of resources including newsgroups, mailing lists, vulnerability and virus information, a listing of security service offerings, security training, a library, and much Read More

Security Snafu at NetBank


Online internet bank NetBank suffered an embarrassing security exposure late last week when a customer discovered he had access to more funds and information than his own.

handbook of information security  Snafu at NetBank Event Summary NetBank (Nasdaq: NTBK ), an Atlanta based internet bank, suffered a major credibility blow last week when a customer named Mahesh Rao reported that he had been inadvertently given access to another customer's account, transaction history, social security number, and funds. Rao had to call NetBank five times before the problem was resolved. According to Tom Cable, Chief Technology Officer of NetBank, the problem occurred due to human error. NetBank is an FDIC insured Read More

Standard & Poor's Announces Security Certification


After exposing numerous customers to embarrassing security vulnerabilities, S&P announces a security certification program.

handbook of information security  & Poor's Announces Security Certification Standard & Poor's Announces Security Certification L. Taylor - July 31, 2000 Event Summary Earlier this year, some private industry security experts, in conjunction with SecurityFocus.com, identified and exposed the security vulnerabilities on Standard & Poor's Comstock boxes. TEC published the story of this security faux pas earlier this month. After the story was published, Standard & Poor's announced a certification program dubbed Security Circle Read More

4 Key Steps to Automate IT Security Compliance


An unprecedented wave of security breaches has led to the establishment of technical standards, IT governance frameworks and laws designed to improve and enforce IT security. Companies are under increasing pressure to control their IT infrastructures more effectively. Learn how ongoing automated vulnerability assessments, together with well-defined network security policies, can simplify the compliance process.

handbook of information security  Key Steps to Automate IT Security Compliance 4 Key Steps to Automate IT Security Compliance If you receive errors when attempting to view this white paper, please install the latest version of Adobe Reader. Qualys® is headquartered in Redwood Shores, California, with offices in France, Germany, the U.K., Japan and Hong Kong, and has partners worldwide. Source : Qualys Resources Related to IT Security Compliance : Risk (Wikipedia) 4 Key Steps to Automate IT Security Compliance A Unified Approach for Read More