Saturday, April 05, 2008

Security White Papers & Guides for download

This post gives you some links to online available White Papers and Guides from the Microsoft download site - I hope you can use some of it to analyze and protect your own network(s)!

New Security White Paper of April 2008:

"The Microsoft US National Security Team is composed of strategic security advisors who work with Microsoft customers, partners, MS internal constituencies and the information security industry to promote the adoption of security processes and technologies. The NST also focuses on driving vertical security solutions for a wide range of industries. To this end, the NST has produced a number of white papers that address the specific security needs of particular industries, such as the professional services and financial services industries."

You will find these papers:

- Electronic Signature Assurance and the Digital Chain-of-Evidence
- Enabling Secure Collaboration for Professional Services Firms
- Establishing the Foundation of Authenticity for Electronically Stored Information
- Information Protection Strategies For Financial Services
- Optimizing Branch Office Security and Productivity in the Financial Services Sector
- Secure Software Development for the Financial Services Industry
- Securing the Retail Store-Securing the Data

Go get them here!


Also, go check out the "Fundamental Computer Investigation Guide for Windows":

"The Fundamental Computer Investigation Guide for Windows Solution Accelerator is intended for IT professionals who need to effectively conduct investigations of Microsoft® Windows®–based computers in their organizations. It provides a computer investigation model as well as process and best practice information. The guide also provides a fictitious example of an investigation that involves unauthorized access to confidential information. This investigation uses the provided guidance and demonstrates the use of numerous tools. Information is also included about how to configure a lab to create the example scenario. An appendix provides information about how to prepare for computer investigations, sample worksheets, contact information for reporting different types of computer-related crimes to appropriate law enforcement agencies, and lists of useful tools."

Go get that document right here!


And finally, what about checking out the "The Security Risk Management Guide"?:

"The Security Risk Management Guide explains how to conduct each phase of a security risk management project and create an ongoing process that drives the organization towards the most useful and cost-effective controls to mitigate security risks. It incorporates real-world experiences from Microsoft IT and also includes input from Microsoft customers and partners.
This guide references many industry accepted standards for managing security risks. It is an important example of Microsoft's commitment to delivering quality guidance to help customers secure their IT infrastructures.

That document is available right here!