 |
Technology Security Issues in Arkansas State Security Office Newsletter |
|
| ||||
|
State Security Office
• AUTIS Annual 2006 Conference - June 8th & 9th, Hot Springs , AR • 2006 North America Computer Audit, Control & Security Conf - May 7-11, 2006, Orlando, FL • Computers, Freedom and Privacy Conference (CFP 2006) - Association for Computing Machinery May 2-5, 2006. Washington, DC • Conference on Data Protection and Security - International Association of Young Lawyers. May 5-6, 2006. Washington, DC | ||||
|
Physical security is a critical component of an effective information technology security architecture. In the past, guards and cameras were in place to monitor buildings and assets. Data centers were fortified rooms in buildings with limited access. Now computer systems containing sensitive information are found throughout work environments. Guards have been replaced with receptionists and an organization’s employees can be a major threat to information confidentiality. Laptops and personal digital assistants (PDAs) containing sensitive information leave the workplace every day, becoming easy targets for theft. Fifteen-and-a-half percent of the respondents to the 2005 FBI Computer Crime Survey reported theft of laptops, desktops and PDAs. Information breaches are becoming more attributable to stolen computers. Disaster recovery plans are an important aspect of physical security because they ensure availability of systems and data. Good procedures for effectively removing sensitive data from machines are necessary to maintain the confidentiality of information. Although physical security is more difficult to maintain with distributed computing environments, it is essential to assess the physical risks to information technology resources and create provisions to mitigate those risks. Physical Security Bridge to IT Security (PHYSBITS) - A vendor-neutral approach for enabling collaboration between physical and IT security to support overall enterprise risk management needs - Open Security Exchange <Get PDF> Trends 2005: Security Convergence Gets Real - In 2005, companies in Europe and North America will increase spending nearly threefold on projects that combine traditional physical security controls with IT security - Forrester Research <Get PDF> Domain Spotlight on Physical Security - Security School for CISSP Training <Read More> Protecting Portable Devices: Physical Security United States Computer Emergency Readiness Team - US Computer Emergency Readiness Team (CERT) <Read More> Allow Only Appropriate Physical Access to Computers - Carnegie Mellon Software Engineering Institute <Read More> |
State Security Standards & Best Practices
Draft Policies, Standards & Best Practices Under Development
Physical Security |
|||
|
March 2006 - Infosec Pros Need to Get 'Physical' - SearchSecurity.com <Read More> January 2006 - ID Management Gets Physical - Government Computer News <Read More> November 2005 - New Study Finds the Convergence of Traditional and Information Security Functions Necessary... - Information Systems Audit and Control Association (ISACA) <Read More> January 2005 - Computer, Physical Security Expected to Merge - CNET <Read More> December 2004 - Two Converging Worlds: Cyber and Physical Security - Federal Computer Week <Read More> June 2004 - Physical and IT Security Convergence Seems Just One Leap Away... - Information Security Magazine <Read More>
|
||||
| ©
2006 |
||||