From GSA.gov…
By September 30, 2014, agencies need to update their public networks to Internet Protocol Version 6 (IPv6) to comply with Office of Management and Budget (OMB) guidance.
GSA has made available a comprehensive IPv6 SOW Template [DOC, 1.25MB] for agencies to use at no-cost to help achieve a smooth and well-planned transition. GSA encourages each agency to access, customize and leverage the IPv6 SOW for its own needs.
By Dominic Vogel at TechRepublic.com…
The bane of many information security pros’ existence is the never-ending quest of attempting to enforce the principle of least privilege. At its core, this is a data security issue, limiting the number of people having access to more data than they should (for example, someone in marketing having access to payroll records). Generally, any attempts to rein in access levels tend to be met with disdain as they are perceived as “trust” issues. While we can’t strip away all their privileges (this would grind the business to a halt, you can’t be too liberal either. This leads to privilege abuse or people being too timid about their data security responsibilities.
via How to successfully implement the principle of least privilege | TechRepublic.
By Dominic Vogel at TechRepublic.com…
Takeaway: One of the most highly regarded security certifications is the CISSP. Dominic Vogel offers these nine tips for becoming certified based on his own experience.
via Running the gauntlet: Tips for achieving your CISSP | TechRepublic.
Great opinion piece by Jon Buys at Ostatic.com…
Having your datacenter audited at the office can be a painful experience. One of the toughest is known by the initialism “PCI”, which stands for Payment Card Industry. The PCI audits are in-depth, and require several layers of security, logging, and documentation. Unfortunately, many of the requirements of such audits are derived from a Windows centric environment, and make little sense in a pure Linux system. At the top of this list is the requirement for anti-virus to be installed on all servers, but how necessary is this precaution in real life?
This is an impressive piece of software. I was able quickly save all of the drivers on my computer (I chose to not backup the drivers that are installed by Microsoft, Apple, etc.).
By Craig Snyder at MakeUseOf.com via Double Driver Makes Backing Up & Restoring Your Drivers Easier Than Ever [Windows].
By Dominic Vogel at TechRepublic.com…
Over the past several months, since notable security professional Dave Aitel proclaimed that security awareness was a complete waste of time, much has been written both for and against his arguments. I am not going to bother to add to the litany of articles. Regardless of your opinion about security awareness as a risk mitigating control, all information security professionals should be capable of at least describing, at a high-level, the concept of security awareness. Picture this scenario: you are tasked with talking about security awareness with your business colleagues. One stipulation – you have only five minutes to deliver your message. So other than constructing a machine to slow down time, how would you attempt to effectively describe security awareness in 300 seconds? My approach: take out all the techno-babble and appeal to people’s common sense.
via Five-minute security: The elevator pitch | TechRepublic.
By Mark Sullivan at PCWorld.com…
Technology never stops moving foward. Hardware gets faster, and operating systems gain new features and (we hope) finesse. This is natural computing law.
But just because computers are one big exercise in evolutionary progress, that doesn’t mean certain computing maxims ever go out of style. Take, for example, the nuggets of wisdom in the following list. All of these things are as true today as they were 2, 5, and in some cases even 10 or 20 years ago.
via 28 pieces of computing advice that stand the test of time | PCWorld.
By Chris Hoffman at MakeUseOf.com…
The Windows Hosts file allows you to define which domain names (websites) are linked to which IP addresses. It takes precedence over your DNS servers, so your DNS servers may say facebook.com is linked to a specific IP address, but you can have facebook.com go anywhere you want.