 |
 |
 |
 |
 |
 |
|
|
||||||
|
|||||||
Assessing Risk "Guest Editorial: Factoring Travel Risk Management into Your Bottom Line" J. Briley. (CI, Vol 2, 3, p. 14) Developing a cohesive travel risk management strategy for managing your firm's operations can be crucial to employee and company safety. "How to Determine the True Financial Impact of Outsourcing" R. Lowery. (CI, Vol 2, 3, p. 22) Failing to factor risk into your financial projections when deciding to move operations overseas is a common mistake ammong many corporate executives. "No-Weak Links: Bolster Your Organization's Intergrity" D. Stack. (dcm, March/April 2004, p.24) The quest for corporate intergrity began long before the Enron and WorldCom scandals. The top auditing professionals explan the common "blind spots" that companies overlook, and sidebar looks at the finer point of the Sarbanes-Oxley Act. "A pound of prevention" M. SauterK. Holshouser, J. Doane. (SEC, Vol 48, 3, p.91) Because it's more cost-effective to avoid a disaster than it is to recover from one, prevention is paramount for homeland security, and it begins with a good threat assessment. "Awash in Risk" M. Goldsmith. (SEC, Vol 48, 4, p.103) These tips on how public water utilities can get the most from a vulnerability assessment are equally useful for any business. "Catastrophe Modeling for Corporate Risk Managers" T. O'Brien. (RM, Vol 51, 5, p. 18) Time and again, history has shown how a single hurricane, earthquake, tornado or act of terrorism can destroy property, interrupt business, injure workers and otherwise throw a successful company into turmoil. "Facing Risk in the 21st Century" M. Jablonowski. (RM, Vol 51, 6, p. 26) The first step in divining the future of risk management is to set our understanding of risk and its treatment on a more realistic basis. "The Duality of Risk" G. L. Head. (RM, Vol 51, 1, p. 20) A true risk management professional must be objective in seeing the wineglass as it truly is: half empty and half full, both threatened with loss and ready to embrace new opportunities. Whatever organization a risk manager serves, he or she must first be objective and logical about risk, guiding others to be equally rational in their approach to risk. "The New Face of Enterprise Risk" S. KunzlerA. Payne. (RM, Vol 51, 6, p. 40) The old model of basing corporate stregth on industrial might and production capacity is becoming a thing of the past. Information is the new currency of corporate success, and with that comes a new primary asset and source of risk: people. Building the Plan "Apologetic Anemia in the Business Continuity Industry" D. Walch. (DRJ, Vol 17, 3, p. 72) Despite the fact that Sept. 11, 2001, had given all emergency and business continuity professionals a reason to be evangelical about their profession, we still sadly lack a voice in the boardroom. "Building a Business Case for Disaster Recovery Planning" K. Roden. (DRJ, Vol 17, 3, p. 76) Financially justifying requests to senior management for the funding of recovery planning and testing can prove a difficult task. "Part Two of a Two-Part Series: How to Steer Your Company to Emergency Preparedness" S. Watson. (CI, Vol 2, 3, p. 33) Regularly testing your company's business continuity plan is key to discovering potential points of failure before a disaster happens. "Six Lessons Learned by a New BC Professional" M. Barbara. (DRJ, Vol 17, 3, p. 62) The saga continues for the "New Kid on the Block," learning six important lessons after his first plan was completed. "Traditional Business Continuity Views Have Changed" M. Kowalski. (DRJ, Vol 17, 3, p. 74) Business continuity is no longer a stranger to change. No longer a "techie" responsibility handled by the IT department, effective business continuity planning is the responsibility of each business unit. Emergency Management "The Key to Disaster Response" P. Blaich. (DRJ, Vol 17, 3, p. 81) This essay will go beyond just describing the incident command system by explaining why it is likely to work well and what are some of the obstacles to its implemantation. Industry Specific Issues "False Alarms" D. Kersten. (GOV, Vol 36, 7, p. 55) In the aftermath of anthrax attacks, the Postal Service walks a fine line between caution and chaos. "Marine Cargo Security" J. O'Connell. (RM, March 04, p.30) Due to most cargo security efforts now focus on mitigating issues associated with terrorism, the commerical security of cargo shipments has long been a problem throughout the world. "No Surprise in these boxes" G. Hoock. (SEC, Vol 48, 3, p.105) It takes a crackerjack security program to make sure there's no hidden surprise inside cargo containers. "Sports Teams Take Second Look at Crisis Preparedness" T. BirkhahnC. Harris. (DRJ, Vol 17, 3, p. 50) Like any responsible corporation, a professional sports franchise must be aware of potential crises. As such, management teams in the professional sports industry must continually refine their processes, procedures and protocol to ensure the team, front office, and the brand can survive a crisis event. "Time To Check Out Liability Trends" R. Treville& A.Longmore-Etheridge. (SM, Feb. 04, p.61) Hospitalilty. How hotels can minimize their exposure to loss while maximizing the protection offered guest. Managing the Program "Blind Date with a Vendor" A. Drew. (DRJ, Vol 17, 3, p. 30) Lack of research puts many companies in a "blind date" situation when dealilng with vendors. "Conveying Corporate Continuity" M. Stansberry. (NTC, Vol 15, 11, p. 28) By developing standards at the corporate level, facility managers can aid in achieving company wide uniformity. "Law and Order: How Much Care is Required for Good BCP?" B. Brewer. (CI, Vol 2, 3, p. 55) Support from upper management in the form of sufficient resources, time and emphasis in the company's business model is critical for proper BCP and the long-term sustained viability of the company. "On Crisis Management and Rehearsing a Plan" J. Clark M. Harman. (RM, Vol 51, 5, p. 40) Effective crisis management depends on sound and swift decisionmaking, and neither can happen without some kind of pre-planning. "Ready for Section 404?" L. Baye. (DRJ, Vol 17, 3, p. 36) The cost of complying with the Sarbanes-Oxley Act is surprising many companies, especially mid-size. "Sarbanes-Oxley: Defusing the Section 409 Time Bomb" C. Braunstein A. Bowles. (DCM, Vol 24, 4, p. 12) Section 409 of the Sarbanes-Oxley Act of 2002 is potentially a one-paragraph time bomb for IT; it provides new requirements for disclosure of changes in the financial conditions of a firm. Record retention and real-time disclosure are keys to compliance. In the meantime, what does IT need to know to ensure that year-end dead-lines are met? "Serving the Ivory Tower: Managing Risk at the University of California" R. Vaughn. (RM, Vol 51, 6, p. 12) Managing the risk management program of this large and diversified educational institution is a mammoth undertaking that requires a staff of 33 risk professionals. Interestingly, of those 33 staffers, 21 of them are women, which illustrates how much the demographics of today's risk managers have changed from just 10 or 20 years ago. "Simple Tactics to Avoid the Pitfalls" K. Sachau. (DRJ, Vol 17, 3, p. 60) These basic steps can help you organize your BCP and help avoid the pitfalls. "Simulating Disaster Scenarios" K. Desouza. (DRJ, Vol 17, 3, p. 56) Simulating scenarios afford individuals to get acquainted with distant realities. "The BCP Role" T. Young. (DRJ, Vol 17, 3, p. 40) When organizations insist on "marrying" other areas of expertise to BCP, they can severely limit, if not eliminate the ability of a recruiter to provide suitable candidates. "The Importance of Being Earnest" H. Silverstone. (SM, Feb. 04, p.51) Financial Services. New corporate goverance laws hold top executives directly responsible for making an earnest effort to prevent fraud and ensure that financial disclosures are acurate. "Traceability" T. Phelan. (DRJ, Vol 17, 3, p. 16) Diseases like Mad Cow and recent terrorist attacks have sparked traceability programs around the world. But what are the implications for data storage and retrieval of all of this traceable information? "Up Front: The Impact of SOX on BCP" J. Stagl. (CI, Vol 2, 3, p. 5) There has been a substantial amount of speculation associated with an opinion published by the Public Company Accounting Oversight Board (PCAOB) regarding the use of BCP. Specifically, this opinion had to do with the use of BCP as a control in support of the regulations dictated by SOX. "Warding Off Evil Spirits" R. Wittliff. (SM, Feb. 04, p.66) Intellectual Property. In the real world the laws of trespass are clear; but how and when companies can charge interlopers with trespassing on their Web site is less certain. "What's Security Worth?" W. Palmer. (SEC, Vol 48, 3, p.53) Use these strategies to sell security's value to senior management. "You Can Never Go Home Again" L. Wisniewski. (DRJ, Vol 17, 3, p. 73) The bad news is that their recovery planning didn't give much thought to how operations would be brought back to the home office. Miscellaneous "Ask the EAB" S. Davis. (CI, Vol 2, 3, p. 51 ) What is the most important best practice for a company's business continuity plan? "Business Continuity Planning After Sept. 11" R. ChandlerJ.D. Wallace. (DRJ, Vol 17, 3, p. 24) This 2004 survey offers a unique "snapshot" from disaster recovery experts while providing the basis for comparison with an earlier survey, taken just days after the Sep. 11 attacks. "Global Risk Management Roundtable" Z. North America. (RM, March 04, p.12) SPECIAL SECTION: Risk management Magazine recently hosted several Fortune 500 risk managers to discuss the financial stability of global insurance markets-carrier solvency, the difficulties of renewals, the demands of new underwriting practices. This is just the latest in a series of ongoing special features bringing risk management's top mind together for candid discussions on the subjects that affect them most. Look for our next roundtable later this later. "Professional Development: Industry Commemorates Global BC Awareness Week" T. Mawson. (CI, Vol 2, 3, p. 56) BCP continues to gain national and international recognition, thanks to the efforts of the major organizations representing the profession. "Study Surveys Businesses Affected By WTC Attacks" K. Miller. (DRJ, Vol 17, 3, p. 25) The most significant observation in the study was that the organizations increased their business continuity spending between 2001 and 2003. "Top Business Continuity Priorities for 2004" N. Liberman. (CI, Vol 2, 3, p. 45 ) The Business Continuity Survey was conducted to understand business continuity practices and trends, and to determine utilization of and potential needs for notification systems. "Tracking the Storm: One Country's Story" R. Gordon. (DRJ, Vol 17, 3, p. 44) Located only 30 miles from the Gulf of Mexico coastline in Florida, the Leon County Sheriff's Office Division of Emergency Management remains proactive when it comes to hurricane season. "Volunteer to Expand Your Knowledge" B. Jilek. (DRJ, Vol 17, 3 p. 61) As I studied the 10 professional practices, I realized my "day job" didn't address beyond one or two practice areas. I aspired for a CBCP certification, so I found other ways to expand my career. "Weathering the Storm" S. Berens. (DRJ, Vol 17, 3, p. 48) Paxson Communications uses tape to protect its television advertising revenue. Public/Private Partnerships "Calling the Cops" S. Zeller. (GOV, Vol 36, 4, p. 38) Short on agents to nab illegal aliens, the Homeland Security Department is seeking help from sometimes reluctant city and state police. "Getting in Step" J. Peckenpaugh. (GOV, Vol 36, 6, p. 60) DHS agencies carefully choreographed a response to terrorist threats on New Year's "Industry Focus: Government Rethinking the Importance of Public/Private Partnerships" L. Goldstein. (CI, Vol 2, 3, p. 27) The separation between the public and private sectors is disappearing; continuity plans must take this into account. "Managing Technology" K. D. Schwartz. (GOV, Vol 36, 5, p. 60) Homeland Security is spearheading a two-phase technology program to stop potential attacks on commercial aircraft. "Moving Targets" G. Treverton. (GOV, Vol 36, 7, p. 40) Terrorists are everything the Soviet Union was not, and intelligence agencies are struggling to get a bead on them. Public/Private Partnerships: Homeland Security "Checks and imbalances" J. Parker. (SH, Vol 169, 5, p. 30) Amid fiscal woes, states struggle to bolster public health against bioterrorism. "Expanding the Horizons of Disaster Research" R. Dynes. (NHO, Vol 28, 4, p. 1) In light of current concerns regarding technology and terrorism, it is useful to recall the post- World War 2 emphasis on the importance of disaster for economic development. "From small clues to big picture" T. Anderson. (SEC, Vol 48, 6, p. 52) One lesson from 9-11 is the need to better connect the dots of intelligence data to see the picture of any looming threat. The Transportation Security Coordination Center is Attempting to do just that. "Is The Sun Rising On Security In Spain?" M. Gips. (SEC, Vol 48, 7, p. 44) As Spain assesses the ramifications of being an al Qaeda target, security professionals face many of the same challenges as private security in the United States. "Keeping Chaos Under Control" L. Mark Cohen. (SEC, Vol 48, 3, p.80) Find out how businesses, first responders, and government agencies are preparing to do their best if the worst happens. "Tagged: The Risks and Rewards of RFID Technology" W. Atkinson. (RM, Vol 51, 7, p. 12) Opening every container in a shipping yard was never practical, and even code (EPC) data such as a SKU number, cost, date of manufacture, date of shipping, etc. "When The Front Lines Are Local" L. Halligan& Rick Adrain. (, Feb. 04, p.70) Homeland Security. Several initiatives for training private security to adapt to new homeland security threats are underway. Here's a detailed look at one of them. Building Your Team "I know what you did last shift" S. Wood. (SEC, Vol 48, 4, p.53) A new study esamines why employees don’t report security concerns about coworkers and what management can do. Employee Preparedness & Protection "Fight or flight" K. Misovic. (S&H, Jan. 2004 Vol. 169, No. 1, p.38) Combating work-related stress takes commitment, communication "Not Just Another Day" J. Emery. (TFM, Vol 16, 5, p. 58) Having an AED in the workplace may assist a co-worker suffering a sudden cardiac arrest. "Stress: Risk Management's Most Serious Challenge?" W. Atkinson. (RM, Vol 51, 6, p. 20) The cost of stress on workers in U.S. organizations is startling. From 1997 to 2001, the number of workers calling in sick due to stress tripled. The National Safety Council estimates that up to one million employee absences per day are for stress-related reasons. "The Dynamcis of SARS" D. Ingram. (RM, March 04, p.8) Plotting the Risk of Epidemic Disasters. "The Heart of Your Business" J. Parker. (S&H, March 04, Vol. 169, No. 3 p.48) Set up an effective AED program for your company's employees "The Road to Rage" F. Rudewicz. (SM, Feb. 04, p.40) Workplace violence grows out of escalating patterns of aggressive behavior that managers must be trained to recognize & stop. Information Availability "A Model to Mirror Large Files on Internet" K. ZhaoT. Li, P. Yang, X. Jie Liu, L. Wang. (DRJ, Vol 17, 3, p. 69) This article, supported by the Natural Science Foundation of China, presents a special mirroring model which is applied to improve the backup efficiency of large files. "Are Full Backups Dead?" W. Preston. (STOR, Vol 2, 12, p.36) Tape may not be dead, but the way you use it can change. Consider increasing your use of incremental backup, particularly if you're integrating disk into your backup process. "Data at Risk" J. Toigo. (NC, 1.22.2004/Vol. 15 No. 1, p.37) Special Report: If your disatster-recovery setup isn't up to speed you're playing a high-stakes game with your orgainzation's critical business and financial data. We explore the DR strategies that can tilt the odds in your favor. "Defeating Downtime in the 24/7 Business World" N. Strokes. (CI, Vol 2, 3, p. 37) High-availability is no longer a luxury, but a requirement of doing business in today's environment. "Disaster Recovery Relief" M. Staimer. (STOR, Vol 3, 2, p. 30) The cost of disaster recovery tools can be even more than the value of the data that these very tools are supposed to be protecting. Fortunately, newer approaches to DR are restoring sanity to this high-pressure task. "Disk Encryption: Not Just For Paranoids" J. Moad. (STOR, Vol 2, 2, p. 40) Many companies are beginning to do something that years ago would have been thought of as overkill: encrypting data while it is sitting on the array. This article will help you decide if this is something your company should do. "Extreme Backup" A. Taneja. (STOR, Vol 3, 2, p. 38) Newsflash: Conventional data protection has reached its limits and will be dramatically changing in the next couple of years. But all roads don’t lead to the same result. Here's how to analyze which route is best for you. "Keeping Your Data In Sync" R. Beall. (NC, 3.4.2004/Vol. 15 No. 4 p. 93) Workshop. File-synchronization tools let you consolidate information for backup and restore data after disaster. We help you sort through commercial and free-ware options. "Modular Arrays Earn New Trust" J. M. Wendt. (STOR, Vol 2, 2, p. 54) Modular arrays have come a long way recently, but are you ready to risk all of your company's mission-critical data on them? "Plan on Disk-Based Backup" S. O'Neill. (STOR, Vol 2, 2, p. 48) Will 2004 be a breakthrough year for disk-based backup solutions? A new survey of Storage readers finds that while users are reluctant to completely eliminate tape from their backup environments, many are planning to deploy disk to complement tape in the next year. "Remote Dr: Faster, Farther and Cheaper" M. Staimer. (STOR, Vol 2, 12, p.42) Post-Sept. 2, you need to consider disaster sites that are geographically distant from your main data centers. Remote replication software, IP storage and new techniques for long-term storage are changing the DR distance equation. "Tale of the Tape" S. Schuchart. (NC, 3.4.2004/Vol. 15 No. 4 p. 73) Review. When it comes to backup good old reliable tape remains the method of choice. We tested seven tape-backup products. Computer Associates' BrighStar Enterprise Back 10.5 won our Editor's Choice award. "Wi-Fi vs. Bad Guy" D. Molta. (NC, 3.4.2004/Vol. 15 No. 4 p. 36) Thanks to new and improved security standars and monitoring devices you can finally build a WLAN that deeps data thieves at bay. "Wrestling with Regulations" B. O'Brien. (STOR, Vol 3, 2, p. 44) In the health care industry, complicated regulations such as HIPAA, combined with new technologies that require enormous amounts of storage, are driving storage managers to the emergency room. Information Management "Averting Document Disaster" S. Doherty. (NTC, Vol 15, 5, p. 48) Need help managing your document overflow? We tested five DM systems that find lost contracts and keep you in compliance with regulations for records management. See why Hummingbird Enterprise 5.1 earned its wings. "Case Study: Secure, Instant Access to Information Is Critical for Patriot "Act Complilance" C. Grant McDaniel. (CI, Vol 2, 3, p. 48) Leading broker/dealer depends on access infrastructure technology for Patriot Act compliance by increasing IT efficiency, data security and user flexibility. "Case Study: Strategic Pre-Planning Yields an E-mail Recovery Solution Just in Time" P. GrazioliD. Ryan. (CI, Vol 2, 3, p. 41) An e-mail continuity system maintains critical communications link for a broadcasting station group during the Northeast power outage. "Drowning in Documents" S. Doherty. (NTC, Vol 15, 5, p. 40) There are solid business reasons to implement a data-management system- it's not just about Sarbanes-Oxley. We tell you how to handle the document deluge. "Forecasting the Weather Inside Your Data Center" D. Robb. (dcm, March/April 2004, p.18) Features. Data center managers cannot afford to overlook the physical threats of Mother Nature while worrying about cyber-attacks. A change as minor as air-conditioning temperatrue can hae a adverse effect on equipment. Find out how combining SNMP with newer network monitoring software can protect your data center in the event of floods, fires, brownouts, and more. "Mass Exodus: The Movement of Data Off Site" F. Brick. (DRJ, Vol 17, 3, p. 78) Executives are challenging IT organizations to find ways to better protect their mission-critical data more cost effectively and off site. "The Business Value of Data" M. Croy. (DRJ, Vol 17, 3, p. 20) Currently ,There is a limited set of tools available to help identify the value of an organization's data, monitor its useful value, and migrate data to storage that is commensurate with its present value. Infrastructure Management & Design "Suppression Progression" P. Piazza. (SEC, Vol 48, 7, p. 71) An IT room is now safe not only from fire but from the damage an outdated suppression system might have done. Information Security "A Patch in Time" P. Lindstrom. (IS, Vol 7, 2, p. 26) Automated patch management solutions ease the pain and cut costs of plugging security holes. "Advanced Screening" J. Snyder. (IS, Mach 2004, Vol. 7 No. 3, p.32) Cover Story. We evaluated six leading firewalls to see how well they defend against application-layer attacks. "Are You Prepared?" F. Trickey. (IS, Vol 7, 1, p. 50) Here's a business blueprint for an effective security incident management program. "Avoiding Litigation Pitfalls: Practical Tips for Internal E-mail" B. Sloan. (RM, Vol 51, 7, p. 38) There are already many articles to be read on electronic discovery, retention and destruction policies, spoliation, methods of recovering electronic data, etc. "Blindsided" S. Harris. (GOV, Vol 36, 7, p. 48) Zero Day attacks come without warning, exploiting computer weaknesses. They're poised to proliferate, and there's no defense. "Building up System Defenses" C. Banzhof. (SEC, Vol 48, 1, p.89) Hackers are relentlessly looking for holes in the corporate network. Find out how to fight back. "Crossover" D. Radcliff. (IS, Vol 7, 6, p. 34) Physical and IT security convergence seems just one leap away… and may remain that way. "Defenses Morph as Viruses Mutuate" P. Piazza. (SEC, Vol 48, 3, p.67) Traditional antivirus protection has been outpaced by new types of malicious code, challenging companies to find more effective solutions. "Exposed" E. Skoudis. (IS, Vol 7, 6, p. 22) Your desktop AV may be leaving you wide open to attack. "Hard Sell" C. Cresson Woood. (IS, Mach 2004, Vol. 7 No. 3, p.64) Policy & Process. Ten ways to justify a risk assessment to upper management. "How not to tell all" R. Isaacs. (SEC, Vol 48, 5, p.101) Companies need to assess what information is critical to protect and educated staff on the wily ways of information thieves. "Infosec Economics: New Approaches To Improve Your Data Defenses" L. GordonRobert Richardson. (NTC, Vol 15, 6, p. 67) Information security managers can take a lesson from those who study the economics of cybercrime. "Inside the NIP Hype War" M. Fratto. (NTC, Vol 14, 17, p. 38) Vendors of network intrusion prevention systems are touting NIP devices as the savior of enterprise networks, but some analysts say they're a total waste of money. We guide you past the hype to uncover what NIP devices can really do to secure your network. "Last Line of Defense" M. Demaria. (NTC, Vol 15, 8, p. 38) Perimeter security is not enough-attackers can strike from any angle. You need a proactive, host-based approach to protect your endpoints from multifrontal assaults. "Microsoft's Paradox" L. Walsh. (IS, Vol 7, 1, p. 46) Two-years ino Trustworthy Computing, the software giant faces the daunting challenge of winning and keeping customers amid periodic setbacks. "NIP Attacks in the Bud" M. Fratto. (NTC, Vol 14, 17, p. 47) We put NetScreen's IDP 500 and Network Associates' McAfee IntruShield 4000 to the test, scrutinizing their detection, management, performance and reporting capabilities. IntruShield 4000 took the lead, but IDP 500 is a strong contender for sites with less than 500 Mbps of network traffic. "Perimeter Security Lockdowm: Open Source and Proprietary Software Square Off" E. M. Ferrarini. (DCM, Vol 24, 4, p. 26) There is no fail-safe solution for data center network security, but you can weigh the differences between open source and proprietary sofware by looking at reliability, ease of use, security, price, and more to help ensure a near airtight security system in your facility. "Prove It" E. Sherman. (IS, Vol 7, 5, p. 24) Get you security act together or Rep. Adam Putnam and Congress will do it for you. "Reckoning it Risks" L. Wagner. (SEC, Vol 48, 6, p. 111) The first step toward information protection is defining the risks. "Red-Zone Defense" K. Beaver. (IS, Vol 7, 2, p. 38) New technologies help keep your intellectual property under lock and key. "Route to Security" M. Kaeo. (IS, Mach 2004, Vol. 7 No. 3, p.50) Techknowledge. Your network control valves are a target of choice for DDoS and man-in-the-middle attacks. "Save Your Ship" G. Shipley. (NTC, Vol 15, 6, p. 36) Patch proliferation is a harsh reality. It's time to get your technology strategies and processes in a row, so you can keep your organization afloat when malicious threats hit. "Secure to the .99999s" E. Sherman. (IS, Vol 7, 6, p. 52) Security can learn a lot from Six Sigma, CMM and other established business methodologies. "Securing Air" J. Edney. (IS, Vol 7, 5, p. 30) Sending data over the airwaves is risky. Wireless access controllers assure safe passage. "Shocking Precedent" E. Hurley. (IS, Vol 7, 2, p. 44) Downstrem liability lawsuits could make your organization a victim twice over. "Stop, Read & React" M. StefaniuR. Garigue. (IS, Vol 7, 2, p. 54) Concise, targeted security reports command executive attention. "Surviving an Audit" G. Wrenn. (IS, Vol 7, 4, p. 54) A security review doesn't have to be a sink-or-swim proposition. "Taking Aim" J. Snyder. (IS, Vol 7, 1, p. 34) Target-based IDSes squelch network noise to pinpoint the alerts you really need to know about. We review three solutions to see if they hit the bull's-eye. "Tech Talk: Managing IS White Space" S. Stahl. (CI, Vol 2, 3, p. 53) By managing IS white space from the top-down and making the security of critical information an organizational objective, copanies can identify security gaps and avoid debilitating performance challenges. "The Bigger They Are, The Harder They Fall-Except When They're SoBig:This most recent email worm attack proved whether or not machines were infected, viruses could wreak virtual havoc. T. Condon. (NTC, Vol 15, 10, p. 16) The recent SoBig worm created technological gridlock with its widespread infection of e-mails across the nation. The Facility Technologist looks at strategies to protect individual computers from worms and viruses. "The Enforcers" D. Joachim. (NTC, Vol 15, 3, p. 40) When network administrators at the University of Florida deployed their homegrown P2P-blocking software, Icarus, to enforce acceptable-use policies, they clipped students' file-sharing wings and fanned the debate over how much policing is too much. "The Evolution of a Security Solution" A. Yee. (SEC, Vol 48, 6, p. 89) Current intrusion detection and prevention products are evolving into a new generation of smarter and more effective tools. "The Weak Link in IT Security" J. Wade. (RM, Vol 51, 7, p. 32) Increasingly powerful IT applicatoins have become the mainstay of modern business technology. The risk of viruses, unauthorized data access and electronic vandalism, however, all make strong IT a must. "What are hackers thinking?" D. Radcliff. (NW, 3/1/04, p.40) Features. Understanding their behavior and motivations can lead to better network security. We analyzed three real cases-a digital break-in at a financial institution, the rooting of a n e-commerce hosting provider and insider information theft-to identify the attach patterns and the coutermeasures you can take to protect against them. "Workshop: The 10 Deadly Sins of Wireless" D. Molta. (NTC, Vol 14, 16, p. 73) When it comes to wireless LAN deployments, the path to paradise is narrow and it's easy to go astray. Here's how to avoid the 10 most dangerous pitfalls. "You're Fired!" L. Walsh. (IS, Mach 2004, Vol. 7 No. 3, p.44) Expose. Nothing motivates policy compliance like the threat of a pink slip. Infrastructure Management & Design "The Proper Prescription" J. Gulinello, A. Longmore-Etheridge. (SEC, Vol 48, 3, p.59) Recruitment, screening, training, and commitment are the keys to building a quality guard force. Safety "Osha compliance made easier: Facility manageres' inquiries about worker safety are only a Web sIte away." J. Kelly. (NTC, Vol 15, 11, p. 32) With the creation of OSHA's Web site, people interested in safety issues and legislation have a valuable resource that's easily accessible. Safety & Security "21st Century Civil Defense" J. Paradise. (Journal NFPA, January/February 2004/Vol. 98, No. 1, p.40) Cover Story. In the face of a new national threat, NFPA again embraces the accelerating demand for consensus-based guidance, comprehensive training, and life-safety education. "A better focus on surveillance" F. Miskulin. (SEC, Vol 48, 4, p.67) Find out how one bank brought everything into focus after numerous mergers led to a hodgepodge of surveillance systems. "Beware: Danger Ahead" T. Condon. (TFM, Vol 16, 6, p. 18) The Facility Technologist Provides high tech and low tech solutions to serious life safety concerns. "Building a stronger foundation" J. Ricci. (TFM, Vol 16, 3, p. 35) More attention on security may not translate into larger budgets, but professionals can still make smart decisions to safeguard their facilities. "Business Continuity Planning" J. Parkinson. (TFM, Vol 16, 4, p. 29) Facility professionals must deal with potential crisis situations. Adequately planning for these scenarios is a comprehensive task. "Correcting Mold Misinformation" R. Gots. (TFM, Vol 16, 4, p. 24) There is a great deal of incorrect information about mold, and facility professionals need to know the myths associated with it. "Diagnosis Security" J. Crumbley. (SEC, Vol 48, 4, p.77) How one hospital assessed and improved its physical security and loss prevention programs. "How to assess resource allocation" B. Warren. (SEC, Vol 48, 5, p.75) A healthcare operation uses a self-assessment point system to see how well security resources are being allocated and to justify security expenditures to management. "If onlys becomes never again" S. Reese. (Journal NFPA, January/February 2004/Vol. 98, No. 1, p.52) In the year since the fire at The Station nightclub, NFPA has made sweeping changes to the codes governing safety in assembly occupancies to ensure such a tragedy doesn't happen again. "Inoculating against murphy's law" M. Roberts. (SEC, Vol 48, 5, p.67) Learn how one hospital boosted its immunity by layering its security practices. "Orchestrating an Integrated Performance" T. Braden. (SEC, Vol 48, 7, p. 127) A physical security program should harmonize four core components, including the oft-over-looked human factor. "Reducing Mold Concerns" C. Beyer. (TFM, Vol 16, 2, p. 18) New interior products are being introduced into the market in an effort to alleviate mold growth. "Robots to the Rescue" L. Scott. (NFPA, Vol 98, 2, p. 40 ) Innovation, say developers, is the key to robots meeting the challenges life safety often presents. "Striving for zero" K. Gaspers. (SH, Vol 169, 4, p. 30) The making of a safe company means a lot more than just good numbers. "The Air We Breathe" M. Stransberry. (TFM, Vol 16, 1, p. 22) There are important HVAC issues facing the industry. A lengthy discussion of these problems as well as potential solutions are reviewed. "The Gang's all here" M. Witkowski. (SEC, Vol 48, 5, p.95) Companies that aren't aware of the risk posed by gangs may expose themselves to increased crime, violence, and liability. Management "Satellite Wars" S. Harris. (GOV, Vol 36, 4, p. 56) War and terrorism sparked government's huge new demand for bandwidth, now companies are battling one another to fill it.
|
