Posted on in Information Systems
Organizations use contingency planning to ensure the quickest return of information services in the event of a service disruption. A service disruption can be any event that affects the continuity of information services and may range from a human orchestrated denial of service attack to a major earthquake. From a …
Posted on in Information Systems
Even a network maintained by the most diligent security professionals will occasionally suffer from a security breakdown. A security breakdown is an incident that results in the opportunity for an information system to be compromised. The breakdown does not have to result in an actual compromise; the opportunity for compromise …
Posted on in Information Systems
Proxy servers have become increasingly popular security devices in corporate networks. It is becoming a standard practice to use a dedicated proxy server to relay Hypertext Transfer Protocol (HTTP) requests to web servers protected by a firewall. In addition to relaying HTTP requests, proxy servers can also be used to …
Posted on in Information Systems
Managing isolated systems is already a complicated task. Network connectivity from outside the Local Area Network (LAN) introduces new complexities that must be taken into account when designing an information security plan. The most significant concern when connecting a LAN to the Internet is protecting internal information from external attackers …
Posted on in Information Systems
Initially, information security was tightly bound to physical security. The introduction of networked systems created a need for a new kind of security system. Not only must information be protected from improper physical access, it must also be protected from outside attackers using the very tools that make distributed computing …
Posted on in Information Systems
Email communication has become so common, users often forget that there is no inherent security in the common implementation. For general correspondence it might be acceptable to forsake security in the interest of ease of use. After all, the sharing of recipes between old friends is not always a matter …
Posted on in Information Systems
In the field of information technology, there are two kinds of professionals. Those that seek to make information more accessible through applications and services, and those that strive to protect that same information. Information security professionals protect information by first striving to identify the individuals access the system and then …
Posted on in information_systems
It can be said that security policies are living documents that must be frequently reviewed and revised. As organizations evolve, their security needs evolve as well. Policies written before the evolution of the organization may not adequately reflect newly developed needs. Therefore, it should be considered standard procedure to review …
Posted on in System Administration
I manage servers and network devices that, for a variety of reasons, allow users to connect via SSH from anywhere in the world. Although the traffic generated by these connections is encrypted, leaving this open to the world does present a bit of a security risk. Would-be crackers use compromised …
Posted on in Software
After almost a year of development, the Internet Software Consortium (ISC) announced the newest release of their Domain Name System (DNS) server, BIND 9.4.3, today. This release includes over 140 fixes over BIND 9.4.2.
Although this maintenance release is mainly focused on bug fixes, it does …
