• 11 Mar 2010

    Trouble getting policy buy-in? Make ’em self-executing.

    If you're having trouble getting security policies on the radar of management and users - much less getting the real buy-in you need, don't fret - there is a possible solution. It's an idea I got from Louise Slaughter (good name for a politician) and her attempt to force Obamacare on us. Simply make your policies "self-executing". In other words, you write the policies and include verbiage in each one that ...

  • 05 Feb 2010

    My latest information security content

    Here are my latest information security articles covering policies, internal threats and employee monitoring, and (when all else fails) incident response. Enjoy!

      • Security policy oversights and mistakes we keep making
      • The real deal with internal security threats
      • Monitoring user activity with network analyzers
      • Lack of incident response plan leaves hole in compliance strategy
      • Incident response – the often overlooked component of business continuity

    As always, be sure to check out www.principlelogic.com/resources.html for all of my information ...

  • 15 Jan 2010

    I’m featured in the new issue of Entrepreneur Magazine

    Check this out. I'm featured in the January 2010 issue of Entrepreneur Magazine's Ask A Pro section where I talk about employee monitoring:

    Entrepreneur Magazine, January 2010. © 2010 By Entrepreneur Media, Inc. All rights reserved. Reproduced with permission of Entrepreneur Media, Inc.

    In this piece, it may not be clear whether or not I support monitoring of employee email so let me clarify. I'm not for micromanagement and Big Brother but ...

  • 04 Jan 2010

    My latest security content

    Here's some more new information security content - stuff on network administration, employee monitoring, checklist audits, and more. Enjoy!

      • How to get - and keep - user support with security
      • How to get management on board with Web 2.0 security issues
      • Underlying causes of inconsistent patch management
      • Are your IT administrators trustworthy?
      • Monitoring user activity with network analyzers
      • Priorities for your sound regulatory compliance management policy
      • Go beyond a checklist audit for ...

  • 09 Oct 2009

    My latest security content

    Here are a couple of new articles of mine that were just published. Many more to come. Enjoy!

      • Balancing Windows security with reasonable password policies
      • Storage encryption essentials

    Be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, screencasts, Twitter updates, and more....

  • 27 Jul 2009

    Good business impact analysis template

    Happy Monday! I just came across this sample business impact analysis template you can use to fine-tune your DR plan. You do have a DR plan, right?...

  • 20 Jul 2009

    Imagine signing off on something you haven’t read

    Jeff Jacoby with the Boston Globe made an excellent point in his article regarding the Read The Bills Act (the law we need to prevent our own lawmakers from carelessly passing laws they haven't read nor understand). Jeff said: "Senators and representatives who vote on bills they haven't read and don't understand betray their constituents' trust. It is no excuse to say that Congress would get much less done if every ...

  • 07 Jul 2009

    My latest security content

    I'm taking this week off but I've scheduled this post of three new articles I've written that you may be interested in:

      • Networking to enhance your IT career
      • A compliance officer, secure network aren't enough for real compliance
      • Data retention policies and procedures for SMBs

    As always, be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, webcasts, screencasts and more....

  • 24 Jun 2009

    My latest security content

    Here's my latest information security content you may be interested in:

      • Gathering and documenting your Windows desktop security policies
      • Security essentials for Active Directory on Linux
      • Windows server hardening: How much is enough?
      • Top Windows server hardening standards and guidelines
      • Common Active Directory security oversights
      • Desktop security preparation for a new wave of Windows apps
      • Windows desktop security standards documentation best practices

    As always, be sure to check out www.principlelogic.com/resources.html for all of my information security articles, podcasts, ...
