Anytime a feature of a framework gives me something for free that I don't need to manually implement I'm a happy camper. One such feature of ASP.NET MVC 2 is jQuery client-side validation. The
Physical Access
With today's phones, PDAs, handheld computers, and wireless laptops, the limits of physical access security have never faced stronger challenges, while the requirements continue to skyrocket. You should evaluate the kind of physical access required with the potential threat. For example, are your company's assets located in an area subject to natural or environmental threats, such as earthquakes, hurricanes, tornadoes or floods? Are your global resources in areas subject to terrorism or civil unrest? What about the likelihood of corporate data theft or destruction by disgruntled employees or ex-employees?
It is likely that your organization faces some of these risks. Does your staff walk away from systems with active logins, leave the server room door open, or leave keys in the server racks in machine rooms? The scope, detail, and expense of your physical access security plan should also be compared to the value of assets and secured to the highest degree possible without adversely affecting normal business functions. Installing screen locks that become active after 15 seconds of idle time may cause considerable productivity loss, as well as increase employee irritation. Requiring all documents to be shredded before disposal may only be required where vital data can be compromised.
The Sum of the Parts
Ongoing scrutiny, review, and modification of each of the areas presented provide a basic groundwork for security architecture. The key word is "ongoing" - security architecture is not a static process. You can't "set it and forget it." Implementing the maximum level of security required by each asset in your business is a task measured in man-years, not man-hours. But when compared to the value of your company's information systems, isn't it worth it?
About Richard Williams Richard Williams is director of education for Symark Software in Agoura Hills, California. With over 20 years of experience in systems administration, architecture, and design, Richard oversees the development and delivery of Symark's University Training Program in providing customer support to global enterprise customers.
Reader Feedback: Page 1 of 1
#5
Sumit commented on 3 Jan 2006
How is article in anyway related to open source?
#4
Information Storage & Security Journal News Desk commented on 10 Nov 2005
Information security is a top priority for many companies. Protecting information from external threats such as hackers, viruses, and spam, as well as governmental regulation requirements (SOX, HIPAA, NISPOM, etc.), are driving IT purchases beyond ROI as C-level executives seek to assure shareholders (and themselves) that assets are secure within the company complex. Viewed as today's growth market, many software/hardware/service companies are creating offerings to mitigate perceived risk or actual liability.
#3
Enterprise Open Source Magazine News Desk commented on 10 Nov 2005
Designing and Implementing a Security Architecture. Information security is a top priority for many companies. Protecting information from external threats such as hackers, viruses, and spam, as well as governmental regulation requirements (SOX, HIPAA, NISPOM, etc.), are driving IT purchases beyond ROI as C-level executives seek to assure shareholders (and themselves) that assets are secure within the company complex. Viewed as today's growth market, many software/hardware/service companies are creating offerings to mitigate perceived risk or actual liability.
Are there any good online resources on these, on SoX for examle?
#1
BadM commented on 4 Nov 2005
}}} reliable and correct delivery of information on your LAN or WAN is no longer guaranteed via TCP/IP, with address spoofing and snooping available to anyone on your network {{{
Subscribe to our RSS feeds now and receive the next article instantly!
About Newsfeeds / Video Feeds
.gif)
