Access "Ping: Don Ulsch"
This article is part of the June 2006 issue of Is your data safe from next-generation attackers?
Don Ulsch, risk management director for audit services provider Jefferson Wells, says enterprises that treat physical and information security as separate disciplines are making a mistake. Critical controls, like background checks, must be integrated into a corporate security policy because they could impact IT. What mistakes are enterprises making when it comes to integrating physical and information security? I've seen cases where companies focus their background checks on the executive level and miss the relatively low-level employee who may end up with high-level access to critical information. This could be someone who takes the fingerprints of contractors, new employees and visitors, and enrolls them into the biometric ID system. Though that person is low-level, he is coming into receipt of a high number of private identifiers like a fingerprint. Whenever someone's enrolled, the fingerprint appears on the monitor before it's encrypted. The administrator can't print or e-mail that image and can't copy it into a Word document, but he can get a ... Access >>>
Premium Content for Free.
Network Access Control: StillSecure's Safe Access 4.1
StillSecure's Safe Access 4.1
Hot Pick: BlueCat Networks' Adonis 1000
BlueCat Networks' Adonis 1000
Today's Attackers Can Find the Needle
EMERGING THREATS From massive botnets to targeted phishing and transacting Trojans, today's new breed of attacker is more dangerous than ever.
Intrusion Prevention: McAfee's IntruShield 3000
McAfee's IntruShield 3000
Unified Threat Management Guide for Managers
SPECIAL It's a firewall, it's an IPS, it's antivirus, it's antispam…but is it right for you?
Extrusion Detection: Security Monitoring for Internal Intrusions
Read a review of the security book Extrusion Detection: Security Monitoring for Internal Intrusions.
- Network Access Control: StillSecure's Safe Access 4.1
This is a definition of biometrics by sister site whatis.com.
Configuration Management: FullArmor's FullArmor PolicyPortal
FullArmor's FullArmor PolicyPortal
Recent releases: Security product briefs, June 2006
Learn about the security products released in June 2006.
Reworking Risk Policy
POLICIES Whether you manage policies manually or use automated tools, it is imperative to get your policies and systems in sync.
Exploring your Endpoint Protection Options
Understand your options for building an endpoint security solution. Get advice on network access control (NAC), Network Access Protection, endpoint security policy definition, enforcement and detection.
- Biometrics by WhatIs.com
Perspectives: Security training must be a visual, interactive experience
Security awareness training exercises must be interactive and visually stimulating, and must help users judge the validity and reliability of websites and web content.
On The Radar: Preparing for managed security services
Editor's Desk: Debating a national data protection law
Wanted: Federal Legislation
Ping: Don Ulsch
- Perspectives: Security training must be a visual, interactive experience
More Premium Content Accessible For Free
Cloud and mobility in the enterprise has caused a heightened need for organizations to take a closer look at next generation authentication ...
Virtualization and cloud computing are part and parcel of enterprise networks today. Virtualization security, however, is still a bolt-on affair ...
Mobile device security is one of the biggest nightmares InfoSec pros face in the era of bring your own everything (BYOE). Simply banning employees ...