Intrusions

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: J.R.Valverde: "RE: Intrusions"
• Previous message: Alex Ho: "Re: Introduction"
• Next in thread: Greg Foulds: "Re: Intrusions"

One thing to keep in mind is that it is often to ensure that intruders =
can't do anything on a system rather than try to prevent them from =
intruding in the first place. =20
If you break into a safe, and there is nothing there....you leave.
This angle works for many businesses and users.

However.....
financial institutions, governments, military, research organizations =
have more at stake. =20

So what needs to be done are two steps.
	1	Assess the risks:  Conduct a through risk assessment.  What =
cost/damage/etc. can an intruder cause on a system? =20
	2	Assess the threats:  Conduct a through threat assessment.  Where =
might intruders come from?  Is there a possibility of financial gain =
that might attract "professional" hackers or "information warriors"?

Some of my clients have a minimum level of security to secure against =
the "average" hacker.  These clients have no exposure if compromised.  =
Other clients have levels of security that utilize bio-metric secured =
workstations. =20

Thanks=20
Paul G. Seldes
Transaction Information Systems
111 Broadway, 10th floor
New York, NY 10006
212-962-1550
http://www.tisny.com

• Next message: J.R.Valverde: "RE: Intrusions"
• Previous message: Alex Ho: "Re: Introduction"
• Next in thread: Greg Foulds: "Re: Intrusions"