- Articles
- Authors
- Blogs
- ISA Server Articles
- Links
- Message Boards
- Newsletter
- RSS
- Security Tests
- Services
- Software
- White Papers
Network Security Library
Network Security Library / Policy & Standards
- PCI DSS made easy
- Date - Jun 27, 2007
- Addressing the Payment Card Industry Data Security Standard (PCI DSS).
- The Regulatory Compliance Planning Guide
- Date - Jun 15, 2006
- IT professionals who must ensure regulatory compliance for the IT systems of the organizations in which they work can be in a difficult position. To help address these needs, Microsoft has created the Regulatory Compliance Planning Guide. The guide is designed to help IT professionals and others interested in regulatory compliance in a number of ways.
- Strengthen Security with an Effective Security Awareness Program
- Date - Apr 12, 2006
- You can have everything in your Security Arsenal perfect. Your team is ready, but is everyone else prepared? This article will help insure you have everyone aware and helping you maintain the security you have worked hard to achieve.
- Applying the Principle of Least Privilege to User Accounts on Windows XP
- Date - Feb 01, 2006
- This document discusses the issues and concerns that organizations may face when they apply the LUA approach to computers that run Microsoft Windows XP. This paper also describes the high-level issues that affect implementation of the LUA approach and provides useful links to other online resources that explain these concepts in more detail.
- Assessing Your Security: Advice on Assessing your IT Security Posture
- Date - Aug 24, 2005
- Most people will agree that Information Technology (IT) is changing or altering business processes and work environments at a dizzying pace. Unfortunately for those responsible for maintaining the security posture of these processes and environments, security changes faster.
- The Shortcut Guide to Network Compliance – Chapter 4 - Network Compliance Best Practices and Methodologies
- Date - May 26, 2005
- By managing compliance requirements as you would any other type of business policy, and by implementing tools that can automate compliance and configuration management, maintaining a compliant network can be straightforward. Another way to simplify compliance management is to implement best practices and sound methodologies for managing your network, which is what this chapter is all about.
- The Shortcut Guide to Network Compliance – Chapter 1 – Understanding IT Compliance
- Date - May 04, 2005
- This guide explores the underlying meaning of IT compliance, apart from all the hype and publicity. It will explain how the IT industry has been handling compliance for decades, and how new technologies and techniques can help you better handle compliance moving forward. To prove that compliance has always been with us, we’ll focus on an often-overlooked area of IT—the network infrastructure.
- Practical Guide to Compliance Security & Risk – Part 1 – Assuring Compliance
- Date - Feb 17, 2005
- In today’s integrated, regulated, litigated environment, it is necessary to provide assurance to customers, business partners, regulators, and sometimes even the courts that you have done your due diligence in securing your IT infrastructure. New and updated United States laws are increasingly making corporate management responsible for ensuring compliance, as companies face substantial fines and penalties for not doing so. Existing and emerging global security and privacy laws and regulations make keeping up with multinational compliance requirements imperative.
- Building and Implementing a Successful Information Security Policy
- Date - Jun 25, 2003
- Most recognize the necessity of having a security policy, but designing and successfully implementing one throughout your organization can be quite an intimidating task. To take the pain out of this process we are providing you with one of the most comprehensive guides on the design and implementation of an effective security policy for your company. To make this guide available to the entire community we have opened web distribution rights, allowing you to freely host this guide on your website and share it with colleagues.
- Back to Information Security Basics
- Date - Nov 18, 2002
- Several advises about organizing of your network security.
- How to develop a Network Security Policy
- Date - Oct 16, 2002
- Almost all steps.
- An Overview of Corporate Information Security
- Date - Oct 16, 2002
- Combining Organizational, Physical & IT Security.
- 10 Tips for Creating a Network Security Policy
- Date - Oct 16, 2002
- Very short.
- Site Security Policy Development
- Date - Oct 16, 2002
- Australian CERT recommendations.
- Computer and Information Security Policy
- Date - Oct 16, 2002
- Draft paper for NIST Computer Security Handbook.
- The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments
- Date - Apr 18, 2000
- ISO Security Standards Generation
- Date - Apr 18, 2000
- IEEE Std 1003.1e
- Date - Apr 18, 2000
- IEEE 1003.2c
- Date - Apr 18, 2000
- Navy Handbook for the Computer Security Certification of Trusted Systems: Security Policy Model
- Date - Feb 21, 2000
- Navy Handbook for the Computer Security Certification of Trusted Systems: Assurance Mappings
- Date - Feb 21, 2000
- Navy Handbook for the Computer Security Certification of Trusted Systems: Implementation
- Date - Feb 21, 2000
- Navy Handbook for the Computer Security Certification of Trusted Systems: Covert Channel Analysis
- Date - Feb 21, 2000
- Navy Handbook for the Computer Security Certification of Trusted Systems: Penetration Testing
- Date - Feb 21, 2000
- Department Of Defense Trusted Computer System Evaluation Criteria - "Orange Book"
- Date - Feb 20, 2000
- US Department Of Defense Password Management Guideline
- Date - Feb 20, 2000
- US Department Of Defense: Computer Security Requirements
- Date - Feb 20, 2000
- US Department Of Defense: Technical Rationale Behind CSC-std-003-85:Computer Security Requirements
- Date - Feb 20, 2000
- US Department Of Defense: Audit in Trusted Systems
- Date - Feb 20, 2000
- US Department Of Defense: Trusted Product Security Evaluation Program
- Date - Feb 20, 2000
- US Department Of Defense: Discretinary Access Control in Trusted Systems.
- Date - Feb 20, 2000
- US Department Of Defense: Glossary of Computer Security Terms
- Date - Feb 20, 2000
- US Department Of Defense: Trusted Network Interpretation
- Date - Feb 20, 2000
- US Department Of Defense: Configuration Management in Trusted Systems
- Date - Feb 20, 2000
- US Department Of Defense: A Guide to Understanding Trusted Distribution in Trusted Systems
- Date - Feb 20, 2000
- US Department Of Defense: Guidlines for Formal Verification Systems
- Date - Feb 20, 2000
- US Department Of Defense: Trusted Product Evaluation Questionnaire
- Date - Feb 20, 2000
Network Security Library topic
| [ | 26 | ] | Anti Spam | [ | 12 | ] | Anti Virus | [ | 44 | ] | Auditing |
| [ | 60 | ] | Auth. & Access Control | [ | 3 | ] | Content Management | [ | 103 | ] | Cryptography |
| [ | 12 | ] | Disaster Recovery | [ | 36 | ] | Firewalls & VPN's | [ | 6 | ] | Forensics |
| [ | 41 | ] | Harmless hacking book | [ | 1 | ] | Honeypots | [ | 14 | ] | Information Warfare |
| [ | 26 | ] | Intrusion Detection | [ | 7 | ] | Law | [ | 3 | ] | Managed Security Solutions |
| [ | 50 | ] | Misc | [ | 24 | ] | Mobile Code | [ | 32 | ] | NCSC&DoD Rainbow series |
| [ | 13 | ] | NetWare | [ | 31 | ] | Network Security | [ | 4 | ] | Patch Management |
| [ | 3 | ] | Phishing | [ | 38 | ] | Policy & Standards | [ | 25 | ] | Privacy |
| [ | 21 | ] | Software Engineering | [ | 2 | ] | Trojans | [ | 2 | ] | Underground |
| [ | 82 | ] | Unix Security | [ | 19 | ] | Web Security | [ | 39 | ] | Windows Security |
| [ | 6 | ] | Wireless Security |
Featured Links*
Become a WindowSecurity.com member!
Discuss your security issues with thousands of other network security experts. Click here to join!