Search results for 'physical administrative technical controls olzak'

Endpoint hardening and defense: Overview of layered security

In this section, we begin infrastructure design tasks by discussing how to harden end-user devices and servers against attack or inadvertent loss of sensitive information. We start with an overview of layered security.

Security Basics - Overview of the Security Program

The framework around which administrative, technical, and physical controls are built is the security program. This article walks through building a program, including policies. (This article is updated content from the book, "Just Enough Security.")

Security Administrative Controls - Part 1

Access controls prevent unauthorized people from viewing or stealing information assets and employees from accessing sensitive information and systems not required for day-to-day tasks. They fall into three general categories: administrative, logical (technical), and physical. This is the first in a series of articles that examines preventive...

Just Enough Security - Part 2

In the previous article, we examined the layers in the JES defense-in-depth approach to network security. In this closing article, we put all the pieces together, showing how the layers work in concert in a well-designed, effectively managed security effort.

Just Enough Security - Part 1

Protecting sensitive information and critical systems is a balancing act, balancing constraints with operational effectiveness. This is the first in a series of articles that comprise and introduction to the Just Enough Security (JES) approach to information security. Application of the JES principles provide "reasonable and appropriate"...

Introduction to SMB Security

This is the introductory article in a series covering all aspects of securing a SMB's sensitive data and critical systems. When the series is complete, it will be a how-to manual for unserstanding security and how to apply just enough resources to protect information assets without going broke.

Information Security Primer - Part 4

In this final installment of the Information Security Primer series, we'll examine some fundamentals of risk management, specifically the components of a sound security program. The proper application of risk management principles provides the framework upon which managers base the reasonable and appropriate application of security controls.

Locking Down the Network With Access Controls

Once your network is configured, you and your employees will start using it in a way which results in sensitive information residing on servers and workstations. The best way to protect this information is to control who can see or change it. This is where access control comes in.