- Securing information is complicated by the constant threat of unauthorized access and unanticipated system breakdowns. To counter this changing threat, decide on your acceptable level of risk and continuously monitor the effectiveness of your security system against that benchmark.
- Rather than treating security as something separate, factor security needs into the information systems development life cycle and integrate them into the highest executive levels of capital and re-investment planning. Identify the security gaps and assess their costs and advantages at both the "enterprise" level of institutional re-investment and the "system" level.
- Servers are a favorite target for hackers because they process and store confidential personnel and operational information. Develop a security plan for each server prior to installation, well before it becomes a production machine. This plan should include the server's operational and support personnel requirements and their associated security risks.
- The IEEE 802.11i amendment introduces the Robust Security Network (RSN) to improve the standard for wireless local area networks (WLANs). An RSN includes wireless endpoint stations, access points, and the institution's legacy infrastructure authentication servers (AS), which validate access to communication services. The AS makes the RSN "robust." The amendment also recommends specific protocols and encryption algorithms to maintain information confidentiality and integrity across a WLAN.