RE: Security Basics for Sales People

["Randori" <randori82 () hotmail com>]

There's also a great article in IEEE Privacy & Security.  I'd suggest this
magazine as a great standard monthly view of what's going on in the sec
industry.
Issue:2004, Vol 2 (September/October)
Article: Basic Training: Computer Security

Not free, unless you're part of S&P for computer.org:
http://csdl2.computer.org/dl/mags/sp/2004/05/j6068.pdf

Hope that helps.  We're using that for our entry level technicians and sales
people to give them a decent understanding of network and general security.
Also, for those who want to learn more, Network Security Illustrated (ISBN =
0071415041) is a solid reference for more "talented" salespeople wanting to
impress their clients a little more.

Take care,

            Andre Derek Protas
Security Engineer | Electus Solutions
        www.electussolutions.com
-----Original Message-----
From: Steve [mailto:securityfocus () delahunty com] 
Sent: Thursday, October 14, 2004 9:18 AM
To: Corey LeBleu; security-basics () securityfocus com
Subject: Re: Security Basics for Sales People

Brings back scary memories.  Those sales people love to write down their
passswords on a sticky and put that on their laptop that they leave at the
office in their open cubicle with no lock on the computer.

I would not even really tell them about the firewall/IDS/etc except to maybe
explain there are several security systems in place at various points on
your network to protect the employees, such as those in the sales
department.  You could explain for instance that something they likely know
of called a firewall offers some protection from Internet threats but that
your firm has other measures and systems in place.

I received a nice set of security awareness glossy cards addressing certain
levels within an organization (board, execs, users, IT) from the Information
Systems Audit and Control Association.  I could not find it on their
bookstore site though.  http://www.isaca.org

You may also want to consider annual security awareness training as is noted
by NIST
http://csrc.nist.gov/ATE/awareness.html
There are "user" level briefings/info there.




----- Original Message ----- 
From: "Corey LeBleu" <coreylebleu () gmail com>
To: <security-basics () securityfocus com>
Sent: Wednesday, October 13, 2004 9:15 AM
Subject: Security Basics for Sales People


Does anyone know a good general paper online on security basics that I
could pass down to my company's sales people? I just need something
really basic explaining things like the purpose of a firewall, IDS,
DMZ, encryption, and penetration test. I just want something that I
can give to the sales manager to give out to the non-tech people.
Thanks.


Corey LeBleu
Senior Security Engineer
TraceSecurity, Inc.
7117 Florida Blvd, Suite 310
Baton Rouge, LA 70806
http://www.TraceSecurity.com