• Grid View
  • List View
  • IT Best Practices - Making Security an Integral Part of Project Management

    Making Security an Integral Part of Project Management

    Vulnerabilities are often introduced into an organization when changes are made to its technology, business processes, or facilities. Therefore, security should be an important element of project management, to ensure that the security implications of these changes are addressed. However, a survey by Computer Economics suggests that executives have not adequately integrated their security and project management functions. This article presents the results of our survey on the role of security in project management. Additionally, we review the positive impact that security can have on project management practices. (5 pp., 9 figs.) [Executive Summary]

    August, 2007

  • IT Best Practices - NIST Developed Processes for Securing IT Systems Improve Effectiveness

    NIST Developed Processes for Securing IT Systems Improve Effectiveness

    The National Institute of Standards and Technology developed guidelines for certifying and accrediting the security of IT systems. The completeness of these procedures and their suitability for systems of any size make them useful tools for managers to apply toward the protection of their systems. The risk assessment methodologies and verification procedures can be tailored to fit within the budgets of any mission-critical application.

    March, 2003

  • IT Best Practices - IT Security in Banking, Finance, and Insurance

    IT Security in Banking, Finance, and Insurance

    This article provides key findings for the banking, finance, and insurance industry from our 2002 report, IT Security, Perceptions, Awareness, and Practices. Acces to the full report is also provided.

    December, 2002

  • IT Best Practices - IT Security in Manufacturing Firms

    IT Security in Manufacturing Firms

    This article provides key findings for the manufacturing industry from our 2002 report, IT Security, Perceptions, Awareness, and Practices. Acces to the full report is also provided.

    November, 2002

  • IT Best Practices - Controlling IT Security Costs

    Controlling IT Security Costs

    Developing an effective security management process is key to controlling costs and protecting your IT environment. This article provides key points for choosing between using integrated functionality in network devices and using a specialized functional appliances.

    October, 2002

  • IT Best Practices - Checklist for Evaluating E-Commerce Security

    Checklist for Evaluating E-Commerce Security

    Numerous successful website violations demonstrate e-commerce’s vulnerability to security threats. A successful security program necessitates a continuing cycle of evaluating, improving, and rebuilding defenses. This article provides a checklist to assist in developing a cost-effective policy that takes into account all factors required for success. (3 pp.)

    August, 2002

  • IT Best Practices - Apply Countermeasures to Protect IT Security Now (August 2002)

    Apply Countermeasures to Protect IT Security Now (August 2002)

    Many IT managers worry about the vulnerability of their systems, but their attempts to improve protection are often hampered by budgetary and administrative concerns. Any security measure will inconvenience users and the organization to some degree. Past ineffectiveness of protective applications often results in a cynical user community and a hard sell to management when attempts are made to add new security protection.

    August, 2002

  • IT Best Practices - Achieving a Positive ROI for IT Security

    Achieving a Positive ROI for IT Security

    Understand your core IT security issues and develop an ROI model that will save you time and money and strengthen your IT environment.

    July, 2002

  • IT Best Practices - Checklist for Reporting a Computer Crime

    Checklist for Reporting a Computer Crime

    This article provides a checklist of practical steps to follow in the event that your systems are hacked or accessed by an unauthorized party. Actions include how to contact law enforcement, information to gather to assist in the investigation, and information to gather to determine damages. (2 pp.)

    May, 2002