Web sites give computer security advice

Web sites give computer security advice

By Patricia Daukantas

GCN Staff

APRIL 2'Federal systems administrators in search of advice on computer and network security can log onto three Web sites tailored to their needs, a security specialist said last week at the National High-Performance Computing and Communications Council's annual conference in Newport, R.I.

At bsp.cio.gov, a Chief Information Officers Council subcommittee sponsors the Best Security Practices Initiative, said Marianne Swanson, senior adviser for information technology security management at the National Institute of Standards and Technology. The site has 16 case studies about agency security practices and the lessons learned from them.

Federal users can submit case studies to the subcommittee, which reviews them for appropriateness before posting, Swanson said. An automatically scrolling window on the home page shows the subjects of particular interest to the subcommittee.

NIST's Computer Security Resource Center, at csrc.nist.gov, started as a bulletin board service 12 years ago, Swanson said. The site now has a section on proper implementation of public-key infrastructure systems, and over the next two months NIST will add sections on risk assessment, incident handling and firewall policies.

The ICAT Metabase, at icat.nist.gov [see www.gcn.com/vol19_no23/news/2683-1.html] details more than 2,300 known computer and network vulnerabilities, organized by the Common Vulnerabilities and Exposures naming standards developed two years ago by Mitre Corp. of Bedford, Mass.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.