Re: Securing E-mail

[Total Enterprise Security Solutions]

National Institute of Standards and Technology (NIST) spends a lot of tax payer dollars hiring the best of the security profession to develop a series of security standards for private industry and various government agencies. This series of documents are available to all and cover secure email, firewalls, security network architecture, security awareness, etc.  NIST has been doing this for a great number of years and considered by many countries and professionals to be an authority on security best practices.  In fact the Common Criteria is considered one of the best practice standards here and in Europe.  Most, if not all of the proposed security rule can be found in some NIST document and many of those documents are referred to in the security rule.  That why its best to seek out consultants who has an in-depth knowledge of NIST best practices. Information security is a very complex profession which covers 10 domains of security and address processes, security tool configuration, and risk solutions. In my opinion, one does not become a security professional until he has over 10 years in security, 20 years in IT, certified and hits the ground running without supervision with outstanding deliverables.  You can get to the 800 series publications via this URL: http://csrc.nist.gov/ then click on publications on the left side menu bar.  Make sure that you check out draft publication which you will find one on secure email out for comment by the public.  This will give you the opportunity to voice your concern and opinions on secure email best practices.     Walt Kobus, CISSP (919) 345-7449 [EMAIL PROTECTED]  ********************************************************************** To be removed from this list, go to: http://snip.wedi.org/unsubscribe.cfm?list=privacy and enter your email address. download : http://explorer.msn.com