The Remediator Security Digest

January 2004

Issue 5

[ TELL A FRIEND ]

The Weakest Link: Social Engineering - "We've met the enemy, and it is us." (Pogo)

Balanced Security - An Oxymoron?

Secure networks versus information sharing

The Remediator Security Digest interviews David Barnhill,
Senior System Specialist of University of Kansas Academic Computing Technical Services

In education, information security is almost an oxymoron. Those in academia are in the business of sharing information, an act that often endangers attempts to secure it. The challenge is to both allow for the frequent exchange of information and to protect it.

A successful security model in the academic arena has much to offer the corporate IT manager. What can businesses learn from their example? Many businesses value information sharing, especially in business-to-business relationships where companies have partnerships and must keep communication lines open.

Recently, The Remediator Security Digest spoke with David Barnhill, Senior System Specialist of the University of Kansas Academic Computing Technical Services, about some of the unique security issues facing universities today.

[ Read More ... ]

Editorial Corner

Plan for a safe 2004

Here we are in a new year, 2004. It’s a great opportunity to implement and follow through with new security policies. Need ideas? Readers provided a lot in response to last month's dilemma in how to handle the boss when he won’t lock up his computer. The readers’ answers provide great suggestions for motivating people to get serious about security.

David Barnhill, University of Kansas, has worked in educational institutions most of his career. He shares how colleges make security a priority without choking on the most important thing to education: information sharing.

As always, we love your feedback and questions. This reader survey is short and takes little time to do. To reward you for your time, we'll enter your name in a drawing where you could win a PAIR of Garmin Rino 110 GPS.

Best wishes,
Meryl K. Evans
Editor

Reader Survey

Complete our 1-minute reader survey and you could win a PAIR of Garmin Rino 110 GPS.

Spotlight

Introduction
by Marcin Policht, ServerWatch

Subscription

Partners

Resources

Computer Security Institute

Conferences

Archives

Issue 13

[MORE]

Security Resources

SB1386: California's Required Notification Law

Helping prevent identity theft (PDF)

by Brad Bolin, Attorney and Sr. Security Consultant, Shavlik Technologies, LLC

Shavlik's Brad Bolin speaks on

Risk Management:
The Lingua Franca of the Modern Business Organization

This premium event maximizes your educational experience
for your everyday use in the workplace

What's Your Best Advice?

Last Issue's Security Dilemma:

We've got a big security concern and its name is B-O-S-S

"He's done it again! Doing my usual rounds, I saw the boss' workstation wasn't locked down. It was tempting to teach him a lesson, but I like my job. I'm sure I'm not the only one seeing red in watching a manager or executive get sloppy about security. I'm not in the position to tell him off, so how should I get a handle on getting management straightened out and on board with following security standards?"

- Luis A., Senior Technical Consultant

Read the best advice from readers of The Remediator Digest

This Issue's Security Dilemma:

Security Leadership Vacuum

"Our company has a limited security practice embedded in the network operation group, but no security leadership. Our physical security group has the experience to provide guidance, but is purposely not included in information security discussions because they are not technical experts. How do you handle such a situation and get the two groups playing like a team instead of against each other?"

- Michael G., Securities Analyst

Can You Help?