 |
Dr. Bob Spencer - Whitepapers and Articles of InterestReturn to Home Page |
|
The following are articles and whitepapers written by Dr. Spencer and others. These are often referenced in seminars and lectures by Dr. Spencer and provided here for download. These may also be utilized by Clients and frequent visitors. Please respect and comply with copyright and intelligent property rights of those who have contributed the information here. For the sample policy and Internal Control procedures, as well as all materials, provided here, these are guidelines only and no warrant is implied. As always, seek legal counsel before instituting.
Sample Web and Portal Use Policy, last update 1/01/2011, provides guidance for managing users of company's web and portal sites.
Sample Acceptable Use Policy, last updated 12/30/2010, provides guidance for managing the technology in an office environment.
Sample Password Policy, last updated 07/15/2011, provides guidance for managing the use of passwords in an office.
Sample Social Networking Policy, last updated 12/30/2010, provides appropriate wording for managing social networking activity as well as the use of social media tools within your business. The following is a running commentary on social network practices and managing social networking in the office as compiled by Dr. Spencer, last updated 10/1/2010.
Business Continuity Disaster Recovery Plan, last updated 12/30/2010, provides basic guidelines and a sample outline for developing and preparing a realistic Disaster Recovery Plan document. The plan may be further augmented using an inexpensive web based solution Survivor or Statistic.
Records Retention Guideline, last updated 12/30/2008, provides guidance on the responsibility and practices to creating and implementing a proper Records Retention Policy.
Handheld Device Access Agreement, last updated 12/10/2011, provides general guidelines for a written agreement between the organization and employees or others that may transport company owned data.
Sensitive Information Policy. last updated 11/28/2011, provides guidance on creating your organizations policy for sensitive information as provided by the SANS Institute.
Sample IT Security Plan, last updated 12/30/2008, provides detail guidance on planning and monitoring your Information Technology infrastructure. Based on the MIT security plan, AICPA recommendations, and other references, if you are concerned about the security of your network - this is a great place to start.
Best Practices for Keeping Your Home Network Secure. The cyber threat is no longer limited to your office network and work persona. Adversaries realize that targets are typically more vulnerable when operating from their home network since there is less rigor associated with the protection, monitoring, and maintenance of most home networks. Home users need to maintain a basic level of network defense and hygiene for both themselves and their family members when accessing the Internet.
How to audit your website, whitepaper by R. Justin Spencer, www.spencersem.com, that explores methods for you to properly audit your firm or business website.
Dual Monitor Productivity Research - In case you have not been convinced of the value of multiple monitors yet. University of Utah study, sponsored by NEC has valuable insight.
How to setup multiple monitors. If your convinced that multiple monitors can help you be more productive, perhaps this how to article can be of help,
BIOS Beep Codes - Useful document that helps you understand those strange beeping noises your computer makes a startup.
Flash Drive Encryption - How to do it, by Robert H. Spencer, PhD This simple article published in late 2009 runs you through how to use freely available software to encrypt those pesky flash drives before they leave the office! Here is a sample Internal Control Procedure for Managing Encrypted Removable Flash Drives in your business so as to mitigate as much liability under State Breach Laws as possible.