INFOWORLD

April 20, 1998

CEOs Should Clue In To Security, pg 67

• What is the record of security breaches and
  how were those fixed ?    

• What has been the magnitude of the problems ?     

• What's the worst thing possible that could
  happen and what is its significance ?     

• What's the risk ?   And what are the liabilities
  to the company if clients or the supply chain
  suffer ?     

• How could the problem have happened in the
  first place ?     

• Who is in charge of security issues and the
  specific problem ?     

The Danger Within, pgs 95-98

• Don't leave backup tapes and drives out in the
  open where other employees can get them.     

• Make sure all walls go up to a permanent
  ceiling. (so someone can't crawl over them)     

• Don't let stray hands touch your servers.     

• Don't have monitors facing open windows so
  that someone with a videocam can film them.     

• Change passwords frequently.     

• Corporate intelligence is a $300 Billion
  business -- don't think that others have no
  interest in your operations.     

• Periodically penetration-test your company.     

• Background check before you hire, and
  periodically re-check.     

• Retaliation by disgruntled employees is your
  biggest concern.