On 12 Apr 2005 at 19:35, Stephen Bird wrote:
> I've found the booklet here http://tinyurl.com/5y9gg to be very good although
Nice document, here is the outline for the document I've started putting
together, see anything missing?
INTRO
- security and ease of use at opposite ends of spectrum, everything else is a
tradeoff
- it always more expensive than you think
- do it right the first time rather than having to do it twice
ISSUES
- data integrity - are machines and hardware in good shape - data corruption
- data protection - malware corruption
- hardware failures
- malicious destruction
- backups - like insurance, expensive but worth it
- give examples of horror and happy stories from my
and client
experience
- productivity - older machines slow things down, especially with required
security measures
- security - related to data integrity and protection
- host based security - updates
- user training - what not to do/what to do
- social engineering
- firewalls/antivirus/antimalware/antispam
- desktop based vs. server based and centralization vs spread
out
- authentication - who's using your computers/data
- passwords
- email - the good the bad and the ugly
- internet access - securing, wireless and authentication
- broadband, double edged sword security wise, pretty much a
necessity
these days to stay up to date
- identity theft - shred paper documents
- destroy hard drives (or use dban) for machines given away
(donated, staff etc)
- software - licensing - normally 1 computer/license
- keep track of licenses
PAPERWORK
- AUP - acceptable use policy, all staff to sign off on
- privacy policy
- Disaster recovery plan - offsite storage of backups
- PIPEDA and privacy acts
http://www.privcom.gc.ca/legislation/02_06_01_e.asp
- Risk management - how much is enough
DOCUMENTATION
- lots of it, kept in secure location
OVERVIEW
- summarize above
USEFUL LINKS
(specific to home computers)
http://www.cert.org/tech_tips/home_networks.html
(general computer security tips)
http://www.cert.org/tech_tips/
(managing security - lawyers office context)
http://www.practicepro.ca/practice/pdf/ManagingSecurityPrivacy.pdf
(safe surfing - targetted to kids, but good for beginning and non technical
adults)
http://www.bewebaware.ca/english/default.aspx
--
Harondel J. Sibble
Sibble Computer Consulting
Creating solutions for the small business and home computer user.
[EMAIL PROTECTED] (use pgp keyid 0x3AD5C11D) http://www.pdscc.com
(604) 739-3709 (voice/fax) (604) 686-2253 (pager)
--
----------------------------------------
WIN-HOME Archives: http://PEACH.EASE.LSOFT.COM/archives/WIN-HOME.html
Contact the List Owner about problems: [EMAIL PROTECTED]
Unofficial Win-Home List Members Profiles Page
http://winhome.wavijo.com/
