see the threat. block the vector. maintain sanity.

Emergency Preparedness pulls together various policy and procedure issues - the heart of all anti-virus strategies. The focus is on how to evaluate a threat's magnitude and direction-helping to prevent viruses from intersecting with the way you do business.

    vectorblog  about   contact

Live Search

Microsoft Advisory Summaries

 

 

 

 

 

 


Exchange Rate: Privacy Data PDF

August 2007

We all love our privacy, our private data, and things that keep those exclusive to ourselves. What does it take for your favorite retailer, health care provider, and credit bureau to make intelligent decisions about that data? A good review for risk managers at every level of data administration - how much is personal data worth to the businesses that collect it?

 

DIACAP Training for C&A Professionals

July/August 2006

With the newly minted DIACAP guidance from the US DoD, Certification and Accreditation teams are gearing up for a change in their daily routines. DIACAP may be of benefit to non-military/government programs as well, as the program outlines important practices for maintaining any system's security posture through its entire lifecycle. This paper and slide presentation serves as a solid overview of the process.

 

Doomsday: Virus Story PDF

October 2005

Disaster recovery and survival lessons are found in many places, not the least of which is the coverage of a feared pandemic such as an avian influenza outbreak. Most analysts in the security game rebuff fear and doubt as poor reasons to implement any countermeasures. The report examines the reasons behind the fears of a viral epidemic and what people are doing in response to these fears, asking the question: is some fear OK as a motivator?

 

Customer Advocate: Phishing Perspective PDF

December 2005

With all of the money being made by phishers there must be a lot of unsatisfied Web users. This article examines what a web-based organization needs to consider in terms of client protection and phishing attempts.

 

Reverse Data Valuation PDF

June 2005

This brief look at asset management asks whether one can look at the safeguards in place in a data center and determine the value of the information held there - and if not, is there work to be done at the company in question.

 

Reorganizing Intelligence PDF

March 2005

Since March 2005 brought no new security patches from Microsoft, it provided administrators with a little time to consider the overall configuration management process within their organizations. One overlooked area is the collection of malicious code intelligence that exists (or needs to be built) inside the enterprise. This report looks at creating a malware response team and what the benefits might be when an outbreak hits the network.

Measuring Awareness Programs PDF

October 2004

In response to articles that deride training as an endeavor doomed to provide little return, this article looks at how projects can be measured and what type of results can be expected form malcode awareness programs.

 

Sample Training Presentations

These basic, customizable packages provide enterprises of all sizes a foundation for training end users on viruses and all malcode issues.

Vector Defense PDF

Updated October 2004

Malicious code enters networks for one reason: a flaw exists in the system. Closing these holes requires rational planning and a solid understanding of  the strengths and weaknesses of one's network. This report delves into the three categories of system flaws, how they affect network security, and how sound defensive plans are constructed.

Measuring Viral Defense, Part 2 PDF

September 2004

Once nebulous programs like security training and virus awareness have measured results (good or bad), how can that data shape virus defense policies? Part two looks at how awareness programs can be used in the overall anti virus program.

 Measuring Viral Defenses, Part 1 PDF

August 2004

How can vector defense be measured? With all the talk about ROSI there are few means of measuring how strong the corporate culture and virus defense really are. Part one of this discussion focuses on how a security administrator can begin evaluating how well the organization is prepared for a viral onslaught.

A Malcode Process Model PDF

July 2004

The foundation of any process model is the existence of a repeatable, improvable set of procedures for accomplishing a task. Taking control of the process allows for improved efficiency and quicker troubleshooting. Within most large organizations, there is a need to evaluate malicious code on a daily basis. Process models that encompass the security posture for an entire organization, although exceptionally well defined in many cases cannot focus on specific threats. The model suggested in this paper is designed to be a guideline for anyone charged with managing security policy or incident response.

Diagram PDF

Copyright © 2004-2008 infectionvectors.com. All rights reserved.