05/27/2008
Across a darkened street, a windowless van is parked. Inside, an antenna is pointed out through a fiberglass panel. The antenna is aimed at an office window on the third floor. As the physician works on a Microsoft Word document that represents some of the notes for a patient record and that describe the complex medical condition of the Chief Executive Officer (CEO) of a Fortune 500 company, the doctor never suspects that what appears on his monitor is being captured, displayed, and recorded in the van below.
05/27/2008
INFOSEC Services prepared this white paper to describe how it can assist enterprises in creating the type of culture that will protect information and information systems throughout an enterprise. This is accomplished through a series of processes that may include staff augmentation, training, provision of security awareness training and briefings, and/or specific INFOSEC/IA tasks that the enterprise needs to have accomplished, for which there is not knowledgeable human assets to complete the work. The maturity of the culture will determine what recommendations are made.
08/13/2007
How the Knowledge of Business Process Engineering is Applied to INFOSEC and What it Adds in Value to an INFOSEC Effort
07/31/2007
How certification and accreditation contributes to the security and functionality of an information technology system
05/09/2006
How solutions management and forensics contribute to the security planning within the enterprise with regard to information technology systems and enterprise business functions throughout their lifecycle
05/09/2006
How vulnerability management contributes to the security of information technology systems and enterprise business functions
05/05/2006
A proven five-phase methodology to develop a scalable enterprise security architecture
04/29/2006
Reducing System Risk through Logical Evaluation of Information Technology Systems
03/30/2006
How the practice of configuration management is applied to INFOSEC and what it adds in value to an INFOSEC effort
03/27/2006
How incident response & disaster recovery, as applied to INFOSEC, reduce vulnerabilities that result from incident-causing events
03/23/2006
How knowledge management as applied to INFOSEC reduces chaos and ensures smoother operation of compliance systems
03/08/2006
How strategic planning for INFOSEC reduces costs of the life of a program and ensures smoother operation of compliance systems and operating systems
02/23/2006
The purpose of this white paper is to define the service area covered by Information Security (INFOSEC) Engineering. In order to ensure that INFOSEC offerings cover enough territory, the offerings of INFOSEC Services have been divided into two major components, those that are part of INFOSEC Engineering and those that are part of INFOSEC Operations.
02/23/2006
The purpose of this white paper is to define the service area covered by Information Security (INFOSEC) Operations. In order to ensure that INFOSEC offerings cover enough territory, the offerings of INFOSEC Services have been divided into two major components, those that are part of INFOSEC Operations and those that are part of INFOSEC Engineering.
02/15/2006
Using a Strengths, Weaknesses, Opportunities, and Threats (SWOT) Analysis as a Risk Assessment and Risk Management Tool