eReader Security Template

eReader Security Template released with version 12

eReader Security Template now addresses SIEM with both best practices and KPI metrics, in addition to identity protection

The eReader Security Template has just been released by Janco with the latest update of its security manual. This is a major update, as the template now also includes KPI metrics and best practices for Security Information and Event Management (SIEM) as well as a chapter on Identity Protection.

This security template was first released in 1999 and has been updated 3 to 4 times each year. Currently the template is over 250 pages and includes chapters on the following topics.

  • Security policies – scope and objectives
  • Minimum and Mandated Security Standard Requirements
  • Vulnerability Analysis and Threat Assessment
  • Risk Analysis – IT Applications and Functions
  • Physical Security
  • Facility Design, Construction and Operational Considerations
  • Media and Documentation
  • Physical and Virtual File Server Security Policy
  • Network Security
  • Sensitive Information Policy
  • Internet and Information Technology Contingency Planning
  • Insurance Requirements
  • Security Information and Event Management (SIEM)
  • Identity Protection
  • Ransomware – HIPAA Guidance
  • Outsourced Services
  • Waiver Procedures
  • Incident Reporting Procedure
  • Access Control Guidelines
  • Electronic Communication
  • Mobile Access and Use Policy


Top 10 Technology Travel Tips – International


Top 10 Technology Travel Tips – When people travel, especially internationally, not only is technology at risk but also sensitive personal and work information. Below are 10 tips taken from Janco’s Travel, Electronic, and Off-Site Meeting Policy.

  1. If it’s not necessary, don’t travel with a computer or tablet.
  2. Whenever possible, arrange to use loaner laptops and handheld devices while traveling.
  3. If you are bringing a laptop with you, make sure you have the proper plug adapter.
  4. Install a host-based firewall, and configure it to deny all inbound connections.
  5. Disable file and printer sharing and Bluetooth. Apply full disk encryption, picking a long, complex password.
  6. Update all software immediately before travel.
  7. Always clear out browser cache before you leave.
  8. Back up your computer.
  9. If you are bringing private data that is not on a computer, copy the data onto an encrypted USB memory device.
  10. Change the passwords for your accounts: email, Gmail, Facebook, etc.
    1. Utilize complex passwords – Assume the workstation or medium will be lost or stolen.
    2. Memorize the password, or keep it in a secure location on your person.
    3. Password protect the login, and require the password after screen-saver.
    4. NEVER set browser to remember passwords.


Top 10 Reasons Why Security Breaches Occur


With all of the concerns about security breaches, one out of ten CIOs and CFOs still feel they do not have an adequate security strategy in place and are reactive when an incident does occur. Many of them find out, the hard way, that the cost to react to an event is significantly greater than it would have been to implement an adequate solution beforehand.

The top 10 drivers of security shortcomings include:

  1. Insufficient funding for security
  2. Lack of commitment by senior executive management
  3. Lack of leadership in the security arena by the CIO
  4. Belief that the organization will not be targeted
  5. Lack of internal resources who are “security” experts
  6. Lack of an effective IT security strategy
  7. Lack of an action plan on how to implement a solution before an event
  8. IT infrastructure that does not easily lend itself to security implementation, including complex and disjointed applications and data
  9. No central focus within the enterprise on security
  10. Lack of a good termination policy for employees and contractors

In a review of over 200 incidents we have found the frequency of these types of breach losses to be as depicted in the chart below:


Privacy is a thing of the past

When we look at the world as it is today, it is easy to see that privacy is no longer a reality, no matter where you are in the world.


BYOD guidelines are just being defined, but one warning must rise above the din: never, ever, try to gain unauthorized access to an employee’s pri…

URL: https://www.e-janco.com/Press/2013/20130510-BYOD-Policy.html

Compliance Mandates – Security Manual Template Version 8.0 Released

URL: https://www.e-janco.com/Newsletters/2010/Compliance_Newsletter_100726.htm

Companies should also weigh the vulnerabilities associated with various cloud computing service and deployment models

URL: https://www.e-janco.com/CloudSecurity.htm

Privacy rules to be changed by Facebook

Facebook is about to make a change to its privacy controls and make it so that ANYTHING that you have on their system is no longer yours. In essence they are saying WELCOME STALKERS. When there is an “Alliance” with Google, nothing about you, your family, and your job will be private.

If you thought that the NSA data collection process was scary – this would even scare George Orwell.

http://bit.ly/1c9bruK

Facebook is pulling the plug on a setting that allowed people to prevent others from finding them by name using the Facebook search bar, the company said. The setting was actually removed last year for people who weren’t using it, but it was left in place for those who were.

Not any longer. The setting will disappear for all users in the coming weeks, Facebook said. People still using the setting will see a notice on their homepage alerting them that it will soon be going away. Less than 10% of Facebook’s 1 billion-plus users were still using the setting, according to a Facebook spokeswoman.

Its disappearance means Facebook users will no longer have a way to prevent people from finding their Timeline on the site.

Related Articles:

BYOD guidelines are just being defined, but one warning must rise above the din: never, ever, try to gain unauthorized access to an employee’s pri…

What is HIPAA

What is HIPAA and what does the FTC rule mean

Compliance Mandates – Security Manual Template Version 8.0 Released

Companies should also weigh the vulnerabilities associated with various cloud computing service and deployment models

The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights…

Cloud Computing Service Level Agreement – Reaching agreement on the terms of service of a negotiated SLA for public cloud services can be a compli…
Security Issue Trends