Re: Need an short quick self-assessment tool for confidential information handling

[James H Moore <jhmfa () RIT EDU>]

You may want to hold off looking at it.  I have a good technical editor /
communication going over it, and making a lot of improvements.  I will post
that when it is available (later today).

Jim

-----Original Message-----
From: James H Moore
Sent: Monday, July 11, 2005 12:11 PM
To: 'The EDUCAUSE Security Discussion Group Listserv'
Subject: RE: [SECURITY] Need an short quick self-assessment tool for
confidential information handling

My thanks to all of you who responded.  You may see some influence in what
you see here.

What I am trying for is 2-fold.  Our server standard, which will be
finalized in a couple of weeks, has provisions in there about strict control
of world writable areas.  I believe that there is risk in the way that some
are set up, and in the way people use them.  More toward the end of the
summer, we will be finalizing an information access and protection standard.
This is something to both get people involved, and also to ask questions, so
that they know the efforts that might be involved in meeting the standard
(and be able to plan appropriately).

Comments are greatly appreciated.  I am on a short timeline to get this out.

Thanks

Jim

- - - -
Jim Moore, CISSP, IAM
Information Security Officer
Rochester Institute of Technology
13 Lomb Memorial Drive
Rochester, NY 14623-5603
(585) 475-5406 (office)
(585) 475-4122 (lab)
(585) 475-7950 (fax)

"In the middle of difficulty lies opportunity." Albert Einstein

"The release of new internet threats have not created a new problem. It has
merely made more urgent the necessity of solving an existing one." Parallels
quote by Albert Einstein on atomic energy"

Attachment: smime.p7s
Description: