Basics of Security Awareness: Users are the Weakest Link

Basic Principles of Security Awareness. Security experts consider system users the weakest link in information security. User skill levels and experience can greatly vary, and unlike automated controls, human users can be subject to fatigue, or be distracted, which can lead to mistakes resulting in vulnerabilities. Security awareness training is often a user’s first experience with information security.… Read More »

Greg Palmer

Primary Advantages of COBIT, ISO 27000, and NIST

The following is a list of the primary benefits of the COBIT, ISO 27000, and NIST frameworks: COBIT COBIT allows much broader scope and takes into account all IT management processes. Geared towards a method of successfully executing key policies and procedures. It is often used to tie together controls, technical issues and risks, within an organization. COBIT… Read More »

Greg Palmer

Framework and Policy Development Team

The IT security policy framework is the foundation of an organizations information security program. The framework consists of a library of documents, but is just not a collection of documents. The framework and its documents are used to build an organizations processes, determine appropriate technologies to use, and lay the foundation for policy enforcement. The framework is a… Read More »

Greg Palmer

Bring Your Own Device (BYOD) Policies and Practices

Bring Your Own Device (BYOD): Organizations allowing employees to use their own personal devices such as smart phone and tablets to conduct organization business. The SANS Reading Room article, SANS Survey on Mobility/BYOD Security Policies and Practices found that 61% of organizations allowed personal devices to connect to protected company systems, but only 9% of organizations were truly… Read More »

Greg Palmer

Information System Acceptable Use Policy (AUP)

An Acceptable Use Policy (AUP) is an agreement between two or more parties, usually a business or service, and users of an information system. The AUP expresses in writing a policy of certain standards of behavior relating to the proper usage of specific hardware and software services. In other words, it is a set of rules created and… Read More »

Greg Palmer

Implementing Security Policies in Flat and Hierarchical Management Structures

When considering the implementation of security policies, an organization must also consider how employee behavior often varies depending on whether the organization uses a flat or hierarchical management structure. In flat organizations, there are less layers between management and employees so decisions and problem solving generally happens faster and at a lower level. Smaller organizations tend to be… Read More »

Greg Palmer

Mitigating Insider Security Threats

Threats from within an organization. Insider security threats are the most significant threat to today’s information systems. Insiders often have elevated access within an organizations information systems which often gives them a level of authorized access that can cause a lot of damage if misused intentionally, or unintentionally. In the SANS Reading Room article; Insider Threat Mitigation Guidance,… Read More »

Greg Palmer

LAMP Basic on Ubuntu 16.04. Short Essential Version

LAMP (Basic) on Ubuntu 16.04. Short Essential Version LAMP (Linux, Apache, MySQL, PHP) The more detailed version of this LAMP (Basic) Installation on Ubuntu 16.04 Server can be found here… Basic Server Configuration Set root password Enter sudo password, then new root password twice at each prompt Update Ubuntu 16.04 Check and Edit Network Configuration Restart Network Service Log Into… Read More »

Greg Palmer

LAMP Basic Installation on Ubuntu 16.04 Server

LAMP (Basic) Installation on Ubuntu 16.04 Server LAMP is a very popular server configuration already covered by countless tutorials and HowTo’s readily found with a basic web search. The following tutorial was constructed on request from several colleagues and fellow students who want to setup a basic LAMP server for lab, or home use. YES, I am well aware… Read More »

Greg Palmer

Routing Protocols. RIP, EIGRP, OSPF, IS-IS

Routing protocols are used to establish a path between routers. The most common routing protocols used are: Routing Information Protocol (RIP), Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), and Intermediate System to Intermediate System (IS-IS). Which protocol to use with a Local Area Network (LAN) depends on the following Factors: Administrative cost of management. Administrative… Read More »

Greg Palmer