This article is part of an Essential Guide, our editor-selected collection of our best articles, videos and other content on this topic. Explore more in this guide:
5. - Your questions answered: Read more in this section
- Mike Chapple, Enterprise Compliance
- Joseph Granneman, security management
Explore other sections in this guide:
Mike Chapple, Ph. D., CISA, CISSP, is an IT security manager with the University of Notre Dame. He previously served as an information security researcher with the National Security Agency and the U.S. Air Force. Chapple is a frequent contributor to SearchSecurity.com, and serves as its resident expert on enterprise compliance, frameworks and standards for its Ask the Experts panel. He previously served as site expert on network security, is a technical editor for Information Security magazine and the author of several information security titles, including the CISSP Prep Guide and Information Security Illuminated.
See below for Mike's archive of advice on both compliance and network security. To submit a question for Mike, click on the "Ask a Question" tab above.
Do you have a question for our experts?
Contributions from Mike Chapple, Enterprise Compliance
- Will VoIP attacks result in more than just spam?
- Will Cisco's plan to open access to the IOS improve network security?
- Should enterprises implement a mandatory iPhone VPN?
- Should iPhone email be sent without SSL encryption?
- Should organizations lag behind on IPv6 adoption?
- Employee-owned handhelds: Security and network policy c
- Which is a more secure data access technology: SPAN or TAP?
- Should a domain controller be placed within the DMZ?
- Worst practices: Encryption conniptions
- If one server in a DMZ network gets attacked from outside, will the other servers be corrupted?
- Phased NAC deployment for compliance and policy enforce
- How to secure an FTP connection
- What are the pros and cons of shaping P2P packets?
- Should an ISP keep corrupted machines off of a network?
- Is centralized logging worth all the effort?
- DMVPN configuration: Should a firewall be between router and Internet?
- What is the best possible IDS deployment for an Enterprise Resource Planning (ERP) system?
- Can a firewall alone effectively block port-scanning activity?
- How helpful is the centralized logging of network flow data?
- Should an intrusion detection system (IDS) be written using Java?