Access "All Aboard!"
This article is part of the July 2005 issue of Why business managers are a breed of security professional
Policy & Process To gain buy-in and support for your security policies, it's best to start at the top. A clearly written security policy that's supported by management, properly implemented by technical staff and complied with by users is the dream of every security manager. The real world, though, is a bit different. When asked by Information Security what's making their jobs harder, 58 percent of security managers pointed to user ignorance and policy noncompliance. Close behind were business units ignoring risk and threats (51 percent), and the lack of management buy-in and support (43 percent). Security polices aren't something that are written and put on a shelf to collect dust. They're living, dynamic documents that should embody the mission and operations of the enterprise. That means how the policy is created, implemented, communicated and enforced is just as important as what the policy says. Bridging the gap between policy intent and policy practice isn't difficult. Like most things in security, it's about process. Security managers can use some ... Access >>>
Premium Content for Free.
Linux's Best Friend
Thanks to YUM, Linux updates are as reliable as Old Yeller.
Corrent's SR110 SSL VPN Web Security Gateway
by Mike Chapple, Enterprise Compliance
Read about Corrent's SR110 SSL VPN Web Security Gateway with Check Point Connectra 2.0.
Intrusion Detection: Tripwire's Enterprise 5.0
by Scott Sidel, Contributor
June 2005 review of Tripwire's Enterprise 5.0
The Business Case for Network Security: Advocacy, Governance and ROI
Read a review of the book: The Business Case for Network Security: Advocacy, Governance and ROI.
Finding a comprehensive identity and access management architecture requires leadership to navigate the technology and implementation labyrinth.
To gain buy-in and support for your security policies, it's best to start at the top.
- Linux's Best Friend
Hot Pick: NetContinuum's NC-1000 Application Security Gateway 4.3
NetContinuum's NC-1000 Application Security Gateway v4.3
nCircle's IP360 Vulnerability Management System product review
Product review of nCircle's IP360 Vulnerability Management System pricing, setup, configuration, assessment, and installation feature information.
Recent Releases: Security product briefs, July 2005
Read about the security products released in July 2005.
Meet the New Champions
CIGNA makes business managers responsible for security.
Seven ways to leverage your infrastructure against spyware.
- Hot Pick: NetContinuum's NC-1000 Application Security Gateway 4.3
Layer 8: When security is a losing battle
Publisher's Note: Security goals
How important is malware defense in the minds of security professionals? You may be surprised by our 2005 Security Priorities survey.
Ping: Karen Worstell
Perspectives: Lessons learned in BS 7799 certification
Bank of Montreal shares seven lessons learned as it achieved BS 7799 certification.
- Layer 8: When security is a losing battle
More Premium Content Accessible For Free
As tablets and smartphones become more integrated into business environments, CISOs are scrambling to put effective countermeasures in place. But too...
This Technical Guide examines the necessary elements of, and how to implement, a sound mobile device management strategy. Devices will be lost...
Despite the enormous concerns around cloud security, many information security professionals remain on the sidelines when it comes to their ...