Security

OECD Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security

These guidelines apply to all participants in the new information society and suggest the need for a greater awareness and understanding of security issues, including the need to develop a "culture of security" - that is, a focus on security in the development of information systems and networks, and the adoption of new ways of thinking and behaving when using and interacting within information systems and networks. The guidelines constitute a foundation for work towards a culture of security throughout society.

Principles of Generally Accepted Information Security Principles (GAISP)

GAISP is based on a solid consensus-building process that is central to the success of this approach. Principles at all levels are developed by information security practitioners who fully understand the underlying issues of the documented practices and their application in the real world. Then, these principles will be reviewed and vetted by skilled information security experts and authorities who will ensure that each principle is:

• Accurate, complete, and consistent
• Compliant with its stated objective
• Technically reasonable
• Well-presented, grammatically and editorially correct
• In conformance with applicable standards and guidelines

What is Generally Accepted System Security Principles (GASSP/GSSP)?

Generally Accepted System Security Principles incorporate the consensus, at a particular time, as to the principles, standards, conventions, and mechanisms that information security practitioners should employ, that information processing products should provide, and that information owners should acknowledge to ensure the security of information and information systems.

GASSP relates to physical, technical, and administrative information security and encompasses pervasive, broad functional, and detailed security principles. GASSP nomenclature considers the terms policy, rules, procedures, and practices to relate to the organizational implementation of security. Information technology (IT) changes rapidly, and GASSP are expected to evolve accordingly. Consensus regarding accepted information security principles is achieved first within the GASSP Committee followed by international IT community review.

GAAP versus GASSP?

Download Free Antispam Service for Blogs from Six Apart

Six Apart, a company that makes blogging tools, is launching a free, semi-open-source filter for blog comment spam, named TypePad AntiSpam. TypePad AntiSpam is the same antispam technology that's currently built into TypePad, but the company is making it available to all who want it, with no charge and no usage restrictions. The service is in semi-beta: "The code is not beta but the (open source framework around it) is," Six Apart CEO Chris Alden also said.

Features:
- Use it for free. TypePad AntiSpam beta is free for any type of use, personal and commercial, regardless of how many comments you receive. Plugins are available for Movable Type and WordPress.
- Help make it better. Whenever you report unwanted comments, the TypePad AntiSpam engine learns from you, so that it can make even smarter and more effective decisions about spam in the future.

What is End Point Security?

Since the massive implementation of information technology, the need for proper end point security has become one of the critical discussions within companies, in particular how to manage end point security effectively.

End Point Security Definition:

  • A strategy in which security software is distributed to end-user devices but centrally managed [searchsecurity.techtarget.com]
  • An information security concept that basically means that each device (end-point) is responsible for its own security [wikipedia.com]
  • An individual computer system or device that acts as a network client and serves as a workstation or personal computing device [endpointsecurity.org]

Examples of End Point Devices:
Laptops, PCs, handhelds, and specialized equipment such as inventory scanners and point-of-sale terminals

Download Latest Free WinSCP 4.1.5



Download Page
filename: winscp415.exe
size: 1.3MB
website: winscp.net

WinSCP is an SFTP client and FTP client for Windows. Its main function is secure file transfer between a local and a remote computer. It uses Secure Shell (SSH) and supports the legacy SCP protocol in addition to Secure FTP.

Development of WinSCP started around May 2000 and continues. Originally it was hosted by the University of Economics in Prague, where its author worked at the time. Since July 16, 2003 it has been licensed under the GPL and hosted on SourceForge.net.

WinSCP is based on the implementation of the SSH protocol from PuTTY and FTP protocol from FileZilla.

WinSCP is also available as a plugin for two file managers, FAR and Altap Salamander.

Internet Explorer 7.0 vs. Safari 3.0 vs. Firefox 3.0 Comparison in security perspective

Criteria and scores (Internet Explorer 7.0 / Safari 3.0 / Firefox 3.0):

- Out of the box configuration: In their own ways, all three of these browsers are delivered in an overly trusting configuration. If you’re serious about being secure in your Web browsing habits, it’s clear you’ll need to spend some time fine-tuning each of these products.
  Internet Explorer 7.0: D (internet zone); Safari 3.0: F; Firefox 3.0: D (safe browsing)
- Security features: All three browsers offer some rudimentary security controls in the way of being able to allow or disallow broad categories of content, such as Javascript, Java, or ActiveX. But by default, these features are so broad in their “all or nothing” approaches as to be next to worthless.
  Internet Explorer 7.0: D; Safari 3.0: F; Firefox 3.0: C
- Security add-ons: The first thing to take control of in securing a browser is active content. None of the three browsers is great at that out of the box.
  Internet Explorer 7.0: D; Safari 3.0: D; Firefox 3.0: B
- Integration with operating system: This category is not directly security-related, but it is nevertheless important in selecting a browser.
  Internet Explorer 7.0: A; Safari 3.0: A; Firefox 3.0: D