Upload File

tips for safeguarding your digital assets

1
Abstracts of Recent Articles and Literature breath until the danger passes. More frequently, however, relatively mundane viruses are transferred through floppy disks and E-mail. The potential for viruses em- bedded within messages sent to the message system database is increasing. As messages are shared and sent over corporate networks so too can viruses spread. When it comes to groupware servers, most anti-virus products are ineffective because they tend to skip over very large files. When a message hits the groupware server, Cheyenne’s Antivirus Agents can either detect a virus and delete the document or cure the virus and reattach the document. The agents search for and re- move viruses spreading throughout a messaging system, including Concept, a macro virus that is written in Microsoft Word’s macro language. McAfee recently an- nounced it has discovered a macro virus that can infect Microsoft Excel spreadsheets. To combat this virus, McAfee has developed a new module that works with its VirusScan anti-virus software. LAN, November 1996, p. 20. Tips for safeguarding your digital assets. This article outlines how you can articulate about security, facilitate decisions regarding obtaining the necessary security equipment and prepare a plan ofaction. Outline the risks and make constructive suggestions. Write a strong enforceable security policy which demands man- agement approval for all Internet-based electronic commerce endeavours. A thorough risk assessment will enable you to articulate the range of risks, threats and vulnerabilities your organization is exposed to. Incor- porate electronic commerce into the overall network security architecture. If your organization hasn’t already developed a comprehensive approach to security, the move toward electronic commerce could be an excel- lent opportunity to get it done. Use security tools as they become available. Turn on and rigorously use the controls supplied by the vendors and Internet service providers. An organization involved with ED1 must take care to ensure that its trading partners employ a level of security at least as good as its own. Use strong encryp- tion. Keys fewer than 100 bits in length may not be a good idea. Keys of 40-50 bits can be broken by deter- mined hackers using brute force attacks. The decrypted values and keys should be stored on a machine that has no connection to the outside network. Consider a security module or tamper-proof enclosure that erases the keys if and when the device is tampered with. Regular comprehensive audits, as well as intrusion de- tection efforts should be conducted on host systems. Implement strong authentication. One-time authenti- cation is better than any fixed password scheme, as long as it is not cost prohibitive. Devise disaster recovery and business continuity plans for electronic commerce ap- plications and data. Establish clear, concise policies and mechanisms for responding to complaints of fraud, whether perpetrated by or against customers, trading partners, employees or others. LAN, October 2996,~ 60. Controlling access, Morris Edwards. More companies are giving Internet access to their employees. In doing so they expose their internal network to intruders from any part of the world at any time. The Yankee Group of Boston, USA expects the tirewall market to grow from an estimated $121 million in 1995 to a projected $924 million by 1999. International Data Corp. sees the market expanding from 10 000 units shipped in 1195 to 1.5 million in 2000. Firewalls are generally used to limit outsider access to the internal corporate network via the Internet. For organizations with intranets, tire- walls can also be used to limit internal access to departments with sensitive information such as finance and human resources. A firewall offers no protection once an intruder has penetrated or circumvented it, so the firewall must be immune to penetration and all traffic to and from the Internet must pass through it. Firewalls allow the network administrator to consoli- date security at a single, centralized location rather than being distributed to every host on the network. Internet security can be monitored at the firewall and alarms generated if suspicious activity occurs. The tirewall is also useful for logging and auditing Internet usage. Application gateways are the most secure because they validate not only the IP address, but also the session and the application itself. Application gateways are the most difficult to implement, however, and perform the slow- est since they do such exhaustive checking of the traffic. Circuit-level gateways validate the IP address and the session, but not the application, so they are faster but less secure. Application gateways are less flexible and more intrusive, but this relative lack of transparency is the price for higher security Conrrnunicutions News, October 1996. pp. 78- 79. Getting real about virtual private data nets, Nick Lippis. Creating secure links over the Internet is going to take some serious effort. This is a new trend referred to as virtual private data networks (VPDN); extending a VPN to include the Internet for data. Instead of managing routers and private lines, companies just buy 588

Upload: helen-meyer

Post on 02-Jul-2016

218 views

Category:

Documents


2 download

Report

TRANSCRIPT

Page 1: Tips for safeguarding your digital assets

Abstracts of Recent Articles and Literature

breath until the danger passes. More frequently, however, relatively mundane viruses are transferred through floppy disks and E-mail. The potential for viruses em- bedded within messages sent to the message system database is increasing. As messages are shared and sent over corporate networks so too can viruses spread. When it comes to groupware servers, most anti-virus products are ineffective because they tend to skip over very large files. When a message hits the groupware server, Cheyenne’s Antivirus Agents can either detect a virus and delete the document or cure the virus and reattach the document. The agents search for and re- move viruses spreading throughout a messaging system, including Concept, a macro virus that is written in Microsoft Word’s macro language. McAfee recently an- nounced it has discovered a macro virus that can infect Microsoft Excel spreadsheets. To combat this virus, McAfee has developed a new module that works with its VirusScan anti-virus software. LAN, November 1996, p. 20.

Tips for safeguarding your digital assets. This article outlines how you can articulate about security, facilitate decisions regarding obtaining the necessary security equipment and prepare a plan ofaction. Outline the risks and make constructive suggestions. Write a strong enforceable security policy which demands man- agement approval for all Internet-based electronic commerce endeavours. A thorough risk assessment will enable you to articulate the range of risks, threats and vulnerabilities your organization is exposed to. Incor- porate electronic commerce into the overall network security architecture. If your organization hasn’t already developed a comprehensive approach to security, the move toward electronic commerce could be an excel- lent opportunity to get it done. Use security tools as they become available. Turn on and rigorously use the controls supplied by the vendors and Internet service providers. An organization involved with ED1 must take care to ensure that its trading partners employ a level of security at least as good as its own. Use strong encryp- tion. Keys fewer than 100 bits in length may not be a good idea. Keys of 40-50 bits can be broken by deter- mined hackers using brute force attacks. The decrypted values and keys should be stored on a machine that has no connection to the outside network. Consider a security module or tamper-proof enclosure that erases the keys if and when the device is tampered with. Regular comprehensive audits, as well as intrusion de- tection efforts should be conducted on host systems.

Implement strong authentication. One-time authenti- cation is better than any fixed password scheme, as long as it is not cost prohibitive. Devise disaster recovery and business continuity plans for electronic commerce ap- plications and data. Establish clear, concise policies and mechanisms for responding to complaints of fraud, whether perpetrated by or against customers, trading partners, employees or others. LAN, October 2996,~ 60.

Controlling access, Morris Edwards. More companies are giving Internet access to their employees. In doing so they expose their internal network to intruders from any part of the world at any time. The Yankee Group of Boston, USA expects the tirewall market to grow from an estimated $121 million in 1995 to a projected $924 million by 1999. International Data Corp. sees the market expanding from 10 000 units shipped in 1195 to 1.5 million in 2000. Firewalls are generally used to limit outsider access to the internal corporate network via the Internet. For organizations with intranets, tire- walls can also be used to limit internal access to departments with sensitive information such as finance and human resources. A firewall offers no protection once an intruder has penetrated or circumvented it, so the firewall must be immune to penetration and all traffic to and from the Internet must pass through it. Firewalls allow the network administrator to consoli- date security at a single, centralized location rather than being distributed to every host on the network. Internet security can be monitored at the firewall and alarms generated if suspicious activity occurs. The tirewall is also useful for logging and auditing Internet usage. Application gateways are the most secure because they validate not only the IP address, but also the session and the application itself. Application gateways are the most difficult to implement, however, and perform the slow- est since they do such exhaustive checking of the traffic. Circuit-level gateways validate the IP address and the session, but not the application, so they are faster but less secure. Application gateways are less flexible and more intrusive, but this relative lack of transparency is the price for higher security Conrrnunicutions News, October 1996. pp. 78- 79.

Getting real about virtual private data nets, Nick Lippis. Creating secure links over the Internet is going to take some serious effort. This is a new trend referred to as virtual private data networks (VPDN); extending a VPN to include the Internet for data. Instead of managing routers and private lines, companies just buy

588

Safeguarding Vulnerable Adults Everyone’s Business Financial Abuse Patricia Trainor, Adult Safeguarding Lead, SHSCT Yvonne McKnight, Adult Safeguarding

Corporate Intelligence Protecting your reputation and ... · 2 Corporate Intelligence • Protecting your reputation and safeguarding your assets Corporate Intelligence • Protecting

Real-estate Assets: Tips And Tricks For Success

Safeguarding Adults Review – Robyn...Safeguarding Adult Review - Robyn Cumbria Safeguarding Adults Board Newsletter January 2016 Safeguarding Adults Review – Robyn cumbriasab.org.uk

Safeguarding Adults (level 1) - RDaSH NHS Foundation Trust...10 | Safeguarding adults level 1 Safeguarding Adult Policy and Procedures RDaSH Safeguarding Adults Policy provides more

Arrangements for Supporting and Safeguarding …suffolkscb.org.uk/assets/Working-with-Children/Policies-Guidance... · and Safeguarding Unaccompanied Asylum Seeking Children ... They

Safeguarding the future, securing Shangri-La repo… · Safeguarding the future, securing Shangri-La Integrating environment and development in Nepal Nepal has abundant natural assets

Protect Yourself And Your Assets With These Bankruptcy Tips

TIPS & INFORMATION ACCESSIBILITY AND MOBILITY GUIDE FOR ...secure.cdn1.wdpromedia.com/media/wdpro-assets/... · TIPS & INFORMATION. Disabilities. Disney Wild . About Safety ® Tips

Safeguarding OECD Information Assets Frédéric CHALLAL Head, Systems Engineering Team OECD

Safeguarding, risk & empowerment. Overview Empowerment, choice and safeguarding Divergent policy agendas Choice and independence Safeguarding Squaring

Safeguarding Children. Dr Geoff Kittle Named Doctor Safeguarding Children

Safeguarding Children Services - YMCAvictoria.ymca.org.au/media/docs/Safeguarding-Children...Safeguarding Children Services Safeguarding Children online training instructions 3 A confirmation

Liverpool Safeguarding Children Board Safeguarding Children and Licensing

Machine Safeguarding Machine Safeguarding

Parish Safeguarding Toolkitcofeworcester.contentfiles.net/media/assets/file/TOOLKIT... · 2017. 1. 31. · Diocese: Worcester Parish: Safeguarding Toolkit (Child and Adult) 2 If you

Practical approaches to safeguarding and personalisation€¦ · Practical approaches to safeguarding and personalisation . 1. Taking a strategic approach to safeguarding . Safeguarding

Safeguarding of Assets: Concerns for Safety adn Security in Housekeeping Operation

Safeguarding the Financial Assets of Your Church Indiana ...indianaumc.s3.amazonaws.com/4935B2C97171427EB8BE96... · Safeguarding the Financial Assets of Your Church ... identifying

Safeguarding Machinery and Equipment - Machine …machineroomguarding.com/assets/safeguarding_machinery.pdf · in reviewing this edition of Safeguarding Machinery and Equipment:

Safeguarding Critical Enterprise Assets and Data · Safeguarding Critical Enterprise Assets and Data ... Smart Security. ... to place it in another reader to try to access the security

Safeguarding ICH: key safeguarding measures

Safeguarding Practice Update Assessment in Safeguarding Children

Safeguarding your Business Assets through Understanding of the Win32 API

Child protection and safeguarding: COVID-19 addendum€¦ · online safeguarding system, MyConcern, and use SIMs, safeguarding can be done remotely. The DSL and Safeguarding Officer

Safeguarding Adults with care and support needs Update ... · Safeguarding Adults with care and support needs ... knowledge of how to report safeguarding ... TELEPHONE SAFEGUARDING

ExploreExport 2014 - Safeguarding Your Intellectual Assets

Safeguarding Adults (level 1) - RDaSH NHS Foundation Trust · 10 | Safeguarding adults level 1 Safeguarding Adult Policy and Procedures RDaSH Safeguarding Adults Policy provides more

Safeguarding - presentation made at a safeguarding convention. Bolton 2015

Safeguarding and Child Protection Policy · Safeguarding in Education - 2016 All delivered via Child Protection.com + annual staff Inset, Safeguarding week & half termly Safeguarding

GUIDELINES FOR SAFEGUARDING ALL BUSINESSESalabamapublichealth.gov/covid19/assets/cov-sah-businesses.pdf · ALL BUSINESSES 5/2020 alabamapublichealth.gov It is strongly recommended

Safeguarding Adults The Essentials - Club Matters Sport England€¦ · The Essentials Top tips for safeguarding adults: • Have a stand-alone safeguarding adults policy and procedures

Havering Safeguarding Board Training Programme - 2019-2020 · Safeguarding Week 2019 Safeguarding Week 10-15 November 2019 Havering Safeguarding Week will take place 10-15th November

Diocese of Manchester independent safeguarding audit (May ... · 2.1 Safeguarding Management 3 2.2 Diocesan safeguarding adviser/s 6 2.3 Diocesan Safeguarding Group 8 2.4 Guidance,

BROCHURE 2019 Conference registration draft...Satie Munn, Attorney at Lindley Law, PLLC. E1: Powers of Attorney: Types of Powers of Attorneys and Tips for Safeguarding Your Assets