security and office automation


Upload: ken-wong

Post on 21-Jun-2016


Page 1: Security and office automation

Abstracts of Recent Articles and Literature

Department's automated system for Freedom of Information Act requests nearly useless for tracking FOIA queries, the General Accounting Office reported. The auditors found that in a pool of nearly 200 cases, nearly 41% contained inaccuracies in one or more categories, including receipt data, search, review and completion date. The largest percentage of erroneous data entries was in the completion date. Errors in that category have particularly important ramifications given the FOIA requirements for timely responses to public information requests. Government Computer News, October 9, 1987, p. 17.

Hospital's Medical Data Held in Strict Security

Quick access to accurate, timely information on a patient's medical history is of vital importance to a hospital. A system used by a major hospital to provide this information is described in the article. The system: (1) provides an easy-to-maintain theft protection system; (2) prevents access to data by unauthorized personnel; (3) affords surge and spike protection; (4) offers a rechargeable battery backup; (5) permits remote and/or silent security notification of unauthorized tampering. The Office, October 1987, p. 68.

Fire and Humidity: Data Safes Protect Against Both, Sandra Sopko

Too few executives have concerned themselves with protecting information from natural causes like fire and humidity. Data safes can provide considerable protection. Electronic data safes are designed to protect media from extraordinary temperatures, water and humidity, and most are tested and approved by Underwriters Laboratories. They usually have an outer steel shell and inner lining to protect contents from temperatures as high as 1770 degrees for one hour. The Office, October 1987, pp. 72, 74.

Security Issues Concern NSA, Vendors

The Department of Defense does not intend to force its standards on the private sector, according to the director of the National Computer Security Center. The reassurances came in the wake of public concern about DoD security and encryption initiatives after NSA announced it would take a stricter interpretation of NSDD 145 and enforce the use of a new data encryption standard for "sensitive but unclassified" information in all federal agencies. The announcement led to the introduction of HR 145, a bill designed to give authority for computer security in civilian agencies to NBS. The bill has passed the House and awaits action in the Senate. Government Computer News, October 9, 1987, p. 16.

LANs Introduce New Security Issues, Harriette L. Chandler

The installation of local-area networks introduces new vulnerabilities to the PC environment. Fortunately, there are techniques to improve security, but these must be made an integral part of the network at the design and implementation stages. The various communications media have different properties that may be compromised in the network system, and without adequate shielding, radio frequency emissions from the cable system may be intercepted. Since fiber optic cabling does not emit radio frequency signals and is difficult to tap, it is appropriate for highly secure applications. Information WEEK, October 12, 1987, p. 46.

Encryption Standard to get Reprieve, Mitch Betts

It is reported that NBS plans to reaffirm its support for the DES for another five years. Federal support for DES has been in question for more than a year because the NSA has shifted its support to a new secret encryption algorithm embedded in silicon. Support for the DES was registered by the financial community, the Federal Reserve System and the US Treasury, numerous federal agencies and equipment vendors. Final approval of NBS support for the DES by the bureau's parent agency, the Department of Commerce, is expected in a month or two. Computerworld, October 19, 1987, pp. 1, 134.

Security and Office Automation, Ken Wong

In many offices, personal computers are now used to download data from corporate databases. Each type of system creates inherent risks and, as more systems are introduced, the risks become more pronounced. The data stored in office systems must be protected against unauthorized access, modification, destruction, or denial of access. If a system contains personal data, there will be a need for further security provisions to comply with privacy laws. The four major risks inherent in office systems are

106

Page 2: Security and office automation

Computers and Security, Vol. 7, No. 1

hardware, software, network and user-related risks. Each of these is discussed in the article as well as security measures available for protection. Among these are risk analysis, security policy and guidelines, environmental controls, physical security, access security, data security and backup and contingency planning. Edpacs, September 1987, pp. 5-11.

Fault Tolerant Computers and Multiprocessing. January 1985-June 1987

This bibliography contains citations concerning computational concurrency and fault tolerant features of computer hardware, including their design, architecture and applications. Greedy's diagnostic theory, multiple node and link failures, transient fault detection, error correction and faulty recovery are among the topics discussed. Reliability studies on various systems by real time testing and statistical analysis are presented. (This updated bibliography contains 178 citations, 32 of which are new entries to the previous edition.) National Technical Information Service, PB87-862959/WCC.

Development of Confidence Limits by Pivotal Functions for Estimating Software Reliability

The utility of pivotal functions is established for assessing software reliability. Based on the Moranda geometric de-eutrophication model of reliability growth, confidence limits for attained reliability and prediction limits for the time to the next failure are derived using a pivotal function approach. Asymptotic approximations to the confidence and prediction limits are considered and are shown to be inadequate in cases where only a few bugs are found in the software. Departures from the assumed exponentially distributed interfailure times in the model are also investigated. The effect of these departures is discussed relative to restricting the use of the Moranda model. National Technical Information Service, N87-23244/3/WCC.

After the Street's Unforgettable Week all Info Systems are (Mostly) go, Barton Crockett and Cassimir J. Medford

On Monday, October 19, when the stock markets plummeted in New York, London and Tokyo, the computers and communications links strained to the breaking point--coping with the deluge, but barely. The next day, the disk drives that record daily transactions at the American Stock Exchange ran out of space in the last five minutes of trading. On Wednesday, the automated transaction system of the Pacific Stock Exchange, running at 130% of capacity for three consecutive days, crashed. Throughout much of the week, the ticker tape at the New York Stock Exchange was as much as two hours behind time. Information WEEK, October 26, 1987, pp. 12, 13.

In Japan, MIS Weathers the Storm Easily, Dorothy Ko

During the stock market drop and recovery, the Tokyo Stock Exchange found that its regular systems were sufficient to handle emergencies. There is no program trading in Tokyo. Information WEEK, October 26, 1987, p. 12.

In London, Stocks Up and Computers Down, Philip Hunter

Having coped with falls on Monday and Tuesday, one of the computer systems broke down under the weight of Wednesday's rebound, failing to display the Financial Times 100 share index for two hours. Nevertheless, the basic Stock Exchange Automated Quotation system coped admirably with the record trading, handling a volume beyond the maximum it was designed to carry. Information WEEK, October 26, 1987, p. 13.

Today's Computer Crime: The Threat from Within, Diana ben-Aaron with Lee Green

According to Donn Parker, the trusted insider is still the biggest danger to the corporation. What's prevalent is data diddling, changing data before or as it goes into the system rather than in the computer. The primary management techniques for minimizing this problem are separation of functions and strict auditing. Within the MIS department, only a handful of people should be authorized to bring the system up, create users and manage the audit trail. The array of security products can be grouped into physical security, access security, transmission security and encryption/decryption techniques. Each of these is discussed in the article. Information WEEK, October 26, 1987, p. 34ff.

107