Toledo, OH 43623
tom
Building the Foundation: Architecture Design - Chapter 3 (Related Training)
Enterprise Security: A practitioner’s guide – Chapter 1 (Related Training)
UEFI and the TPM: Building a foundation for platform trust (2011)
Five Steps to Incident Management in a Virtualized Environment (2011)
Microsoft Server Virtualization Security: Ten Tips and Settings (2011)
Series on building and managing an Information Security Awareness Training Program (2008)
Series on use of free Sysinternals utilities for security management and testing (2008)
Prepare for e-discovery requests: How to avoid disastrous legal sanctions and fines (September 9, 2008)
Evaluation of TrueCrypt as a Mobile Data Encryption Solution (April 19, 2008) (PDF) (MobiPocket)
A Practical Approach to Management Information System Risk (February 2, 2008)
Protect Your Organization from Steganographic Data Theft (February 12, 2007)
Getting to Secure Internet Identity Management (February 12, 2007)
Keystroke Dynamics: Low impact biometrics verification (September 23, 2006)
Build and Effective Security Awareness Program (April 8, 2006)
DNS Cache Poisoning: Definition and Prevention (March 16, 2006)
The purpose of the papers on this site are to educate business managers in the essentials of Information Security.
My Book...
Just Enough Security:
Information Security for Business Managers
The Just Enough Security (JES) approach to
information assurance is based on the belief
that no one safeguard can completely protect
your critical information assets from a highly
motivated threat. The JES security model
combines multiple layers of safeguards with
simple risk management tools to help you
achieve both the security of your information
assets and a return on your security
investment.
Paperback Edition
Toledo, OH 43623
tom