Tracing Your Baltic, Scandinavian, Eastern European, and Middle Eastern Ancestry Online: Finnish, Swedish, Norwegian, Danish, Icelandic, Estonian, Latvian, Polish, Lithuanian, Greek, Macedonian, Bulgarian, Armenian, Hungarian, Eastern Europea
Author: Anne Hart
Are you online and ready for global smart card and database genealogy for virtual travelers? Here's how to search family history for nations bordering the Baltic Sea, the Balkans countries, Scandinavia, Eastern Europe, and the Middle East.
The nations listed in this guide (all faiths) include Finland, Sweden, Norway, Denmark, Iceland, Estonia, Latvia, Lithuania, Poland, Armenia, Assyria, Greece, Lebanon, Syria, and many other lands in the Middle East, the Balkans-Croatia, Macedonia, Bulgaria, Eastern Europe-Hungary, and more.
Collecting details about people is moving toward smart card technology and its offspring. The new wave in genealogy is authentication technology. Authentication begins with new-wave technology used to gather population registers.
Compare the new technology to the old method of door-to-door census taking, tombstone tracings, and city directory publishing. No, genealogists are not using smart cards this year, but smart card technology is being used to compile population registers in Europe.
The future holds a new wave of technology used for authentication for banking transactions being applied to other areas. Currently this technology is used for collecting details for population registrars such as census taking.
The application for research is of interest to family historians, librarians, and governments. It's already in use by private industry for electronic authentication.
Family history is now about intelligent connections, whether it's a population registrar, census detail, or electronic identity for banking. Smart card genealogy began in 1998 in Finland with governments seeking to put census and population registers in an electronic form that would be available to researchers, and these applications are going global.
Books about: The Unofficial Tourists Guide to Second Life or AutoCAD 2000 For Dummies
IT Governance: A Manager's Guide to Data Security and ISO 27001 / ISO 27002
Author: Alan Calder
Information is widely regarded as the lifeblood of modern business, but organizations are facing a flood of threats to such "intellectual capital" -- from hackers, viruses and online fraud. Increasingly, data protection, privacy regulations, computer misuses and regulations around investigatory powers are part of a complex and often competing range of requirements to which directors must respond. IT Governance will be essential to board members, executives, owners and managers of any business or organization that depends on information, that uses computers on a regular basis or that has an internet aspect to its overall strategy. With coverage of the Turnbull Report and the Combined Code (in the UK), and the Sarbanes-Oxley Act (in the US), the book examines standards of best practice for companies looking to protect and enhance their information security management systems, allowing them to ensure that their IT security strategies area coordinated, comprehensive and cost effective.
Table of Contents:
Acknowledgements xiIntroduction 1
Why is information security necessary? 9
The nature of information security threats 10
The prevalence of information security threats 12
Impacts of information security threats 13
Cybercrime 15
Cyberwar 17
Future risks 17
Legislation 21
Benefits of an information security management system 21
The Combined Code, the Turnbull Report and Sarbanes-Oxley 23
The Combined Code 23
The Turnbull Report 24
The Revised Combined Code 25
Sarbanes-Oxley 28
IT governance 31
ISO27001 33
Benefits of certification 33
The history of ISO27001 and ISO27002 35
The ISO/IEC 27000 series of standards 36
Use of the standard 37
ISO/IEC 27002 37
The Plan-Do-Check-Act and process approach 39
Structured approach to implementation 40
Quality system integration 42
Documentation 43
Continual improvement and metrics 47
Organizing information security 49
Internal organization 50
Management review 51
Information security manager 52
The cross-functional management forum 53
The ISO27001 project group 55
Approval process for information processing facilities 60
Product selection and the Common Criteria 61
Specialist information security advice 62
Contact with authorities and special interest groups 67
Independent review of information security 67
Summary 68
Information security policy and scope 69
Information security policy 69
A policy statement 76
Costs and the monitoring of progress 77
The risk assessment and statement of applicability 79
Establishing security requirements 79
Risks, impacts and risk management 79
Selection of controls and statement of applicability 93
Gap analysis 97
Risk assessment tools 97
Risk treatment plan 98
Measures of effectiveness 99
External parties 101
Identification of risks related to external parties 101
Types of access 103
Reasons for access 104
Outsourcing 105
On-site contractors 107
Addressing security when dealing with customers 108
Addressing security in third-party agreements 110
Asset management 114
Asset owners 114
Inventory 115
Acceptable use of assets 118
Information classification 118
Unified classification markings 121
Information labelling and handling 123
Non-disclosure agreements and trusted partners 128
Human resources security 129
Job descriptions and competency requirements 130
Screening 131
Terms and conditions of employment 134
During employment 136
Disciplinary process 142
Termination or change of employment 142
Physical and environmental security 145
Secure areas 145
Public access, delivery and loading areas 154
Equipment security 156
Equipment siting and protection 156
Supporting utilities 159
Cabling security 161
Equipment maintenance 162
Security of equipment off-premises 163
Secure disposal or reuse of equipment 164
Removal of property 164
Communications and operations management 167
Documented operating procedures 167
Change management 169
Segregation of duties 170
Separation of development, test and operational facilities 171
Third-party service delivery management 172
Monitoring and review of third-party services 173
Managing changes to third-party services 174
System planning and acceptance 175
Controls against malicious software (malware) and back-ups 180
Viruses, worms and Trojans 181
Spyware 182
Anti-malware software 182
Hoax messages 183
Anti-malware controls 184
Airborne viruses 187
Controls against mobile code 188
Back-up 189
Network security management and media handling 193
Network management 193
Media handling 196
Exchanges of information 199
Information exchange policies and procedures 199
Exchange agreements 202
Physical media in transit 203
Business information systems 204
Electronic commerce services 207
E-commerce issues 207
Security technologies 210
Server security 213
Online transactions 214
Publicly available information 215
E-mail and internet use 218
Security risks in e-mail 219
Spam 221
Misuse of the internet 221
Internet acceptable use policy 223
Access control 226
Hackers 226
Hacker techniques 227
System configuration 230
Access control policy 231
User access management 233
Clear desk and clear screen policy 242
Network access control 244
Networks 244
Network security 248
Operating system access control 257
Secure log-on procedures 257
User identification and authentication 259
Password management system 259
Use of system utilities 260
Session time-out 260
Limitation of connection time 261
Application access control and teleworking 262
Application and information access control 262
Mobile computing and teleworking 264
Systems acquisition, development and maintenance 270
Security requirements analysis and specification 271
Correct processing in applications 271
Cryptographic controls 275
Encryption 276
Public key infrastructure 277
Digital signatures 278
Non-repudiation services 279
Key management 280
Security in development and support processes 282
System files 282
Access control to program source code 284
Development and support processes 284
Vulnerability management 288
Monitoring and information security incident management 290
Monitoring 290
Information security events 295
Management of information security incidents and improvements 300
Legal admissibility 305
Business continuity management 306
BS25999 307
The business continuity management process 307
Business continuity and risk assessment 308
Developing and implementing continuity plans 309
Business continuity planning framework 311
Testing, maintaining and reassessing business continuity plans 315
Compliance 319
Identification of applicable legislation 320
Intellectual property rights 329
Safeguarding of organizational records 334
Data protection and privacy of personal information 335
Prevention of misuse of information processing facilities 336
Regulation of cryptographic controls 337
Compliance with security policies and standards, and technical compliance checking 337
Information systems audit considerations 340
The ISO27001 audit 342
Selection of auditors 343
Initial audit 344
Preparation for audit 345
Terminology 347
Useful websites 351
Further reading 359
Index 363
0 comments:
Post a Comment