Posts Tagged ‘microsoft’
Espionage Act and Governance, Risk & Compliance for the CISSP-CISA
http://en.wikipedia.org/wiki/Federal_Information_Security_Management_Act_of_2002
Federal Information Security Management Act of 2002
From Wikipedia, the free encyclopedia
Jump to: navigation, search
The Federal Information Security Management Act of 2002 (”FISMA”, 44 U.S.C. § 3541, et seq.) is a United States federal law enacted in 2002 as Title III of the E-Government Act of 2002 (Pub.L. 107-347, 116 Stat. 2899). The act recognized the importance of information security to the economic and national security interests of the United States.[1] The act requires each federal agency to develop, document, and implement an agency-wide program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.[1]
FISMA has brought attention within the federal government to cybersecurity and explicitly emphasized a “risk-based policy for cost-effective security”.[1] FISMA requires agency program officials, chief information officers, and inspectors general (IGs) to conduct annual reviews of the agencys information security program and report the results to Office of Management and Budget (OMB). OMB uses this data to assist in its oversight responsibilities and to prepare this annual report to Congress on agency compliance with the act.[2] In FY 2008, federal agencies spent $6.2 billion securing the governments total information technology investment of approximately $68 billion or about 9.2 percent of the total information technology portfolio.[3]
Implementation of FISMA
In accordance with FISMA, NIST is responsible for developing standards, guidelines, and associated methods and techniques for providing adequate information security for all agency operations and assets, excluding national security systems. NIST works closely with federal agencies to improve their understanding and implementation of FISMA to protect their information and information systems and publishes standards and guidelines which provide the foundation for strong information security programs at agencies. NIST performs its statutory responsibilities through the Computer Security Division of the Information Technology Laboratory.[4] NIST develops standards, metrics, tests, and validation programs to promote, measure, and validate the security in information systems and services. NIST hosts the following:
FISMA implementation project[5]
Information Security Automation Program (ISAP) * National Vulnerability Database (NVD) the U.S. government content repository for ISAP and SCAP. NVD is the U.S. government repository of standards based vulnerability management data. This data enables automation of vulnerability management, security measurement, and compliance (e.g., FISMA)[6]
Duration : 0:8:50
CISA and CISSP exam cram at the Queen Mary in Long Beach, CA to support the Cyber Security Act
http://en.wikipedia.org/wiki/CISSP
Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by the not-for-profit[1] International Information Systems Security Certification Consortium, commonly known as (ISC)². As of June 30, 2009, (ISC)² reports 63,358 members who hold the CISSP certification in 134 countries.[2] In June, 2004, the CISSP was the first information security credential accredited by ANSI ISO/IEC Standard 17024:2003 accreditation, and, as such, has led industry acceptance of this global standard and its stringent requirements.[3][4] It is formally approved by the U.S. Department of Defense (DoD) in both their Information Assurance Technical (IAT) and Managerial (IAM) categories.[5] The CISSP has been adopted as a baseline for the U.S. National Security Agency’s ISSEP program.[6]
Duration : 0:0:49
IBS, Innovative Business Systems, Inc.
Introduction to IBS, Inc.
Employee-owned and based in Easthampton Massachusetts, IBS is a computer services company supporting small to medium businesses, community banks, and credit unions that require technical expertise, project planning, and implementation services from a business partner they can count on today and in the future. Areas of expertise include Exchange 2007, data replication solutions, Disaster Recovery and Business Continuity infrastructure design and implementation, server virtualization and consolidation, desktop virtualization, application delivery, and remote access solutions.
Duration : 0:2:28
Realizing Mission Critical Microsoft
Join Bob Madaio, Director of Microsoft Alliance Marketing, to see how EMC’s solutions integrated with Microsoft technology offer a robust information infrastructure. EMC solutions enable best-in-class consolidation and management, data and systems management, data protection including backup and recovery, business continuity, and security, and archiving and compliance.
For more information
• Microsoft Solutions- http://www.emc.com/microsoftsolutions/
• Microsoft Global Alliances http://www.emc.com/partners/global-alliances/microsoft.htm
Duration : 0:6:12
Microsoft Exchange Server 2007 Storage Options – DAS or SAN
Brian Henderson from EMC’s Center of Excellence discusses the best options to architect your mission-critical Exchange 2007 environment as it relates to management/performance, scalability, back-up, disaster recovery/business continuity, and archiving. Learn the differences between direct attached storage and storage area networks.
For more information go to www.emc.com/exchange
Duration : 0:6:35
Business Continuity Server – Disaster Recovery – Asempra
http://www.tredent.com/bcs – Asempra’s Business Continuity Server is a comprehensive continuous availability solution for Windows applications and data. Disaster Recovery – http://www.tredent.com
Duration : 0:3:5