Information security policies

You may need to complete a quick third-party registration to access certain resources. Resources without a hyperlink are no longer published/posted.

Articles
  • Security policies matter, but only so much
  • Security’s new focus: defensibility
  • Why you have to look past security policies for real improvements
  • When security policies are bad for business
  • People are violating your security policies and here’s why
  • Best practice tips for your password policy
  • Maybe there is a patch for stupid
  • Security strategies or tactics – Where should you focus?
  • Six areas of importance in the PCI Penetration Testing Guidance
  • Niche security flaws should NOT be your focus
  • Key Network Security Questions You Need To Ask Your Cloud Vendors – Now!
  • Everything happens for a reason in security
  • How one bad decision brought down an enterprise e-commerce site in minutes
  • With security, periodic and consistent is key
  • The science behind bad passwords
  • When your lawyer becomes your CISO
  • The compliance crutch holding up Corporate America
  • The fallacy of information security awareness and training
  • The funny thing about “confidential” information
  • Open your eyes and you’ll see the light
  • Steering your career as a desktop admin in the mobility age
  • The mindset of everyday employees and their impact on security
  • Why a CIO’s relationship with enterprise IT security is important
  • Top 10 Insider Threats and How to Protect Yourself
  • Top 5 network security vulnerabilities that are often overlooked
  • Beware the perils of organization-wide compliance policy involvement
  • Audits, maintenance crucial to business continuity policy success
  • A thorough data retention strategy needs more than just IT oversight
  • Explaining the why of Web application security
  • Why people violate security policies
  • Common Linux Security policy management gaps
  • Priorities for your sound regulatory compliance management policy
  • Security policy oversights and mistakes we keep making
  • Data retention policies and procedures for SMBs
  • Gathering and documenting your Windows desktop security policies
  • Windows desktop security standards documentation best practices
  • Effective storage security policies
  • Database-related security policies to think about
  • Thirteen data retention mistakes to avoid
  • Building better password policies
  • Sample e-mail policy template and checklist of concerns
  • Effectively enforcing email policies
  • Six essential security policies for outsourcing
  • Quick policy checklist
  • FAQ: E-mail security policies
  • Where do you draw the line on employee monitoring?
  • Q&A: Employee monitoring: Is Big Brother a bad idea?
Podcasts
  • Security Policies for Windows Systems
Webcasts
  • Advances in Internet Filtering – Internet filtering used to be about blocking URLs and email addresses. It was lacking in features and difficult to implement, but things have changed. Instead of rogue network administrators playing “big-brother” with tools only they knew how to use, Internet filtering has evolved into a feature-rich risk management tool for various managers to use throughout the business. This webcast shows you the importance of Internet filtering within your organization and details what you can do to manage and implement an effective Internet filtering solution. I outline gaps in older Internet filtering technologies as well as powerful new technologies that allow you to actually manage Internet usage with sustainable and repeatable processes.
  • Internet Filtering: What You Don’t Know Can Hurt You – Have you ever wondered how the Internet is being used or abused in your organization? Do you suspect nefarious web and messaging behavior is taking place behind the scenes but you don’t know how to wrap your arms around the problem? If so, check out this webcast and discover internet filtering strategies that can help your company monitor internet usage, increase overall security and assure compliance. In this webcast I outline the threats, vulnerabilities, and risks you may not have thought about regarding Web, IM, and email filtering and monitoring.
  • Exploring the pros and cons of employee monitoring – Employee monitoring has become a highly charged topic over the past several years. This webcast explores the reasons why you should and should not consider monitoring your employees’ computer activities.

Client Testimonials

“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability/penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.

His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”

(IT managed services firm)

I’ve written/co-written 12 books on information security including: