Security Management Strategies for the CIOAccess "Layer 8: Finding a template for good information security"
This article is part of the March 2005 issue of What are botnets and how can you prepare for them?
Templates can help unskilled users do the work of security pros. If I ever cheated on a school test--and I'm not admitting that I did--it would have been in shop class. I'm all thumbs with tools, and, without a bit of help from one of my more gifted friends, I might still be stuck in the 8th grade. Ironically, I later spent six summer and winter vacations working in a machine shop. I learned that an unskilled person can do consistently useful work when a skilled person takes the time to provide some sort of jig, template or fixture--mechanisms to capture and share both knowledge and ability. Workshops are full of them--clamps, outlines, cutting squares, by-the-number diagrams. Security is no different. We can use jigs and templates to provide unskilled users with a means for doing higher-level tasks, only we often call them "best practices." Rather than relying exclusively on skilled workers, they're the best way to do production work in the infosecurity shop. Inexperienced employees can perform more sophisticated tasks, and the C-suite loves them because it... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Recent Releases: Security product briefs, March 2005
Read about security products that were released in March 2005.
-
Guardians of the Crown Jewels
Database security products promise an extra measure of security for your most valuable assets. Are they worth the price?
-
Secure Reads: Outsourcing Information Security
Read a review of the book, Outsourcing Information Security.
-
Crypto Hazard
Could cryptography be the next destructive malware payload?
-
Double-Check with Routers
Conventional routers are the perfect network security auditing device. Take advantage of what they see.
-
Wireless Firewall
AirMagnet Enterprise 5.0
-
Recent Releases: Security product briefs, March 2005
-
- Invasion Force
-
BARRIER1 Model 50 product review
Product review of Barrier1 Model 50 open source security appliances cost, reporting and Web content and email filtering features.
-
Hot Pick: Enterasys's Dynamic Intrusion Response
Dynamic Intrusion Response
-
Vulnerability management: Visionael Enterprise Security Protector 3.0
Visionael Enterprise Security Protector 3.0
-
Configuration Management: St. Bernard Software's SecurityEXPERT 1.0
SecurityEXPERT 1.0
-
Columns
-
Perspectives: Tearing down Firewalls
Firewalls do little more than inhibit your business, writes Paul Simmonds of the Jericho Forum.
-
Layer 8: Finding a template for good information security
Security by Numbers
-
Logoff: Why Microsoft keeps infosec in business
The Wal-Mart of Security
-
Editor's Desk: 'Motivation by embarrassment'
Making the Grade
-
Perspectives: Tearing down Firewalls
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...