This reminds me of the situation when I graduated High School. My best friend filled her schedule with all AP courses, had not study halls, etc. I took what I had to, AP courses that interested me (math and physics), and things like drafting and small engines, and made sure I always had a study hall.
At the time in Wisconsin the top two students at each school got full state scholarships. According to the school she was ranked #2 and I was ranked #6, because the school weighted AP courses at 4.5 and gave you a higher ranking for more quantity of credits. Big surprise at the end of the year when the school let us know that the state ranked me #2 because it just went off straight grade point average. She had to give the salutatorian speech, but I got her scholarship from the state. Surprising she's still my friend:)
What has not been factored in is the cost of Marsha or John forgetting to change the seat position before performing toilet operations. The scenario would be John attempting to perform #2 or Marsha performing #1 or #2 with the seat in the up position. This generally happens (at least in my house) because the user is still half-asleep or their senses are otherwise dulled. The probability of this occurring is much much lower than p, however the cost to the user when this happens is much much higher than the cost of a single change-the-seat-position action. The cost of the yelling from Marsha is (again in my experience) also much much higher.
There is also the inverse, where John forgets to raise the toilet seat before #1, often for the same reasons as above. Again the probability is lower and the cost (either of needing to clean the toilet seat or of yelling from Marsha when she sits on a wet seat) is greater than the costs of changing the seat position.
In any case in my house the game includes a 5 year old boy who generally waits till the last second and then runs into the bathroom doing the potty dance, and doesn't remember to raise the toilet seat for #1. The resulting mess I think now even has my "Marsha" raising the toilet seat after use in anticipation of this activity.
I've been using TaxAct since like 2001. I spend $19.95 to download the federal and one state module, and the $19.95 includes one free Federal electronic filing. And I think it would have been under an additional $10 to file my State online as well (I'm too cheap though, so I mailed it.)
I've heard that they audit a higher percentage of electronically filed returns, presumably because its easier/the cost per audit is cheaper for an electronically filed return, but I don't know if any of that is true.
If you read the FAQ from the Colony Collapse disorder working group you'll find that Genetically Modified Crops and Cell phone Radiation are not likely causes:
"What are examples of topics that the CCD working group is not currently investigating? GMO crops: Some GMO crops, specifically Bt Corn have been suggested as a potential cause of CCD. While this possibility has not been ruled out, CCD symptoms do not fit what would be expected in Bt affected organisms. For this reason GMO crops are not a "top" priority at the moment.
Radiation transmitted by cell towers: The distribution of both affected and non-affected CCD apiaries does not make this a likely cause. Also cell phone service is not available in some areas where affected commercial apiaries are located in the west. For this reason, it is currently not a top priority.
Causes still under investigation include: What potential causes of CCD is the Working Group investigating? The current research priorities under investigation by various members of the CCD working group, as well as other cooperators include, but is not limited to:
Chemical residue/contamination in the wax, food stores and bees
Known and unknown pathogens in the bees and brood
Parasite load in the bees and brood
Nutritional fitness of the adult bees
Level of stress in adult bees as indicated by stress induced proteins
Lack of genetic diversity and lineage of bees
As a former Christian and current closet Athiest, I see Scientology as a religion just as much as Christianity, etc. (although much newer).
Both religions provide a purpose and guidance for behavior for people who need these things outside their own personal experience, who need something to strive for and believe in.
However I see one key element that for me says that Christianity is good and Scientology is bad - Christianity is based on selflessness - you are taught that the meek shall inherit the earth, to give even if you have little to give, etc. This is why it is desireable for the 95% of the population that have 5% of the wealth.
What I hear of Scientology is based on selfishness - its OK to gain wealth. Its Ok to spend your time and your wealth on yourself - moving up within the different levels of Scientology. This is why its desireable to the Hollywood types, and the rest of the 5% of the population that control 95% of the wealth. A religion that makes them feel guilty for being wealthy and not sharing just isn't desireable for most of them.
Firstly, I'm surprised to see a smaller quantity and variety of things people have built than I would have expected.
I already voted "Telescope" above, but I actually have somewhat of a list of things I've built: - A number of kites. I think the coolest one is a Nasa Parawing. A couple yards of ripstop nylon and some strong kite thread, and you've got a simple kite that will drag you across the ground. - A weaving loom (not a real fancy one) - A MAME cabinet. OK, so I didn't finish the whole cabinet, but I did build the controller. - I also have the standard pile of finished electronics kits and other odd projects.
Yeah, mine is a telescope too- 12.5 inch "Obsession" style truss-dobsonian. Actually I just recently finished it. Bought the primary mirror off E-Bay, and another $200 worth of parts that I didn't have in my basement mostly off the Internet, the book "The Dobsonian Telescope" by David Kriege, and 3 months later I'm ready to take it out for true "first light" the next clear night.
I can't ever see myself grinding a mirror, though.
There is an inherent flaw with many of the commercial laptop full-disk encryption solutions out there. I have the most experience with Utimaco's Safeguard Easy, but I know many of the other big players have the same fault -
The software has a feature called "Pre-boot Authentication", by which the encryption software is loaded after the bios, but before the (generally Windows) operating system. The user's password is used to generate the decryption key, so theorhetically not even the NSA could decrypt the laptop without the user's password.
Here's the flaw - the software has a checkbox to disable Pre-boot authentication. What this does is generate a default user with a random password, and then store this random password obfuscated but in clear-text in the same disk area decryption software. When you talk to the sales-people, they sell this as a feature, in fact about half of Utimaco's customers (so I'm told) run it in this mode because the encryption becomes transparent and it is much less intrusive on the user. (Basically the disk is automatically decrypted each time the laptop is booted, but you have to have a valid Windows login to get in.) Buried in the help documentation are warnings "For security reasons, you should Never disable pre-boot authentication". So the engineers and the company know the weakness of disabling pre-boot authentication, but they don't tell their customers when they sell the software.
Today it seems to break into these laptops with pre-boot authentication disabled you would need somewhat sophisticated tools and techniques, basically the same tools and techniques people commonly use to "crack" commercial software today. But I'm guessing that it won't be very long before someone takes the time to build this crack and releases it, rendering the laptop encryption useless to anyone who can Google for "Utimaco Crack", etc. Basically all the crack would need to do is grab the default user's password off the disk and use or duplicate the decryption algorithms that are also in clear-text on the disk.
I've talked to a number of IT security folks, and basically it seems like most people trust the sales folks and don't understand that its basically impossible to have strong encryption without having the decryption key stored off the disk (like on a smart card, or in the brain of the user.)
I received an undergrad in Physics and Comp Sci from a liberal arts college, so I thought I was pretty well rounded. I then went into various development, network management, and eventually IT leadership positions. I started pursuing my MBA thinking it was basically going to be busy work to prove to others that I am ready to move to the next level (a leadership position outside if IT). Some of it is busy work, but there is real value to much of the content, even though I've been a do-er and a leader in corporate America for a number of years. I'm about half way through earning my degree, and I've already learned a lot that will help me attain and be successful at the next level.
This is so wrong. For $65K, there is no bargaining with Microsoft.
For a corporation of this scale, you really have three options: 1. - MS Select Level "A" - You commit to buy a certain amount of desktop application software each year for the next three years, and you will get a slightly better price than the standard (Open) license cost. You can choose to purchase this with or without software assurance - basically paying a 30% maintenance fee to get free upgrades when new releases come out. 2. - MS Enterprise agreement - you pay more than you would under select Level "A" with software assurance and get other preipheral benefits that aren't worth the extra cost. 3. - Purchase retail upgrades rather than under a corporate license. You can save like 30% or more off the cost of the full corporate license. If you talk to your Microsoft rep about this, they'll tell you that you could do this, but no one would want to because you have to store each license and media, blah blah blah. Well, there are companies that are more than willing to store a few dozen cases of MS office retail upgrade boxes to save $100,000. And Microsoft knows this, because they know that a corporate VAR wouldn't be purchasing 900 retail boxed office upgrades in one shot for their (non-existant) retail client base. Microsoft keeps an absurd number of retail boxed upgrades in their warehouses because more companies than you would think choose this route.
I'm currently enrolled in an online MBA program, a couple of my observations:
I received my undergrad physically present at a liberal arts college. After freshman year, I think you get a lot more valuable stuff out of college than just the knowledge you gain in class (things like social skills, teamwork, and communication).
However if you've been working as a knowledge worker out in the world I think you get enough experience/practice with these in your work, and will not gain the additional benefits of getting this experience in school as well. In this instance, there are a lot of benefits to the online degree: Fits into your schedule, you don't have to sit through a class that goes at the pace of the slowest learner, etc.
Another aspect of the online degree - at least in the classes I'm taking - you are forced to participate and provide original insights throughout the class. Most of this is in the form of threaded discussions, which are monitored by the professor, and which you must post to to receive credit. In a lot of physical classes, as long as you do the homework you can sleep through class and never participate.
In fact, I think for some of my online courses I put in more time than I would if I had to show up and listen to the professor for four hours a week.
I'm attending Keller graduate school. For any of the courses I'm taking, I can choose to take it online, or I can choose to take a physical class at one of the local campuses. I'm pretty sure the "degree" (piece of paper I'll file away and never look at again) doesn't differentiate itself whether its online or physical.
Computers make problem solving easier, and the human has to think less when solving a problem with a computer. When you are learning, the goal is to think more, not to solve the problem as quickly as possible.
For this reason I have always been against the widespread use of computers in school.
I think that's great that your family has such a pattern and guidelines, and everyone is thriving in it. Before I was a parent, I pictured our household being like that, too. Then I adopted my son, and learned very quickly that every child is unique. It would be my opinion that your daughter doing so well in the environment you lay out has a lot to do with her natural tendencies, and a lot of other kids would react to that environment much differently.
Another student technician at my college (Carroll College, WI, ~1996) wanted to add code to the NDS login script to clear our the Internet Explorer cache. So he added the following code: C: CD \Program Files\IE\Cache (or whatever the path to the IE cache was for the version on our lab computers) Deltree *.*
Suddenly students in dorms started calling saying when they logged onto the network it started to delete their harddrive. If the computer didn't have an IE cache directory where the line of code above expected, it would delete starting at the root.
Is it possible that one thing that could impact the rankings is the quality of home-life relative to work-life. IT workers on average are paid higher. They likely have less stressful home lives (i.e. not worrying as much about paying bills). They also have more money for non-necessities like toys and travelling.
So IT professionals may be unhappy with their work life because they are more "spoiled" and have more desire to be living their home life.
I saw a PBS special some time ago on salmon migration. There are special "fish ladders" that allow the salmon to swim upstream around the dams. On many of the ladders, they have an area where fish swim past a window. People sit in front of these windows and count each type of fish as they go past.
I wonder if this technology has replaced that process. I also wonder how effective it is at separating different breeds of the same type of fish. (If I remember there were many different "breeds" of salmon, that were just slightly distinct visually from eachother)
Your calculations seem to be incorrect. 1 bushel is approximately equal to 9.3 gallons. I find it unlikely you could get 32 gallons of biodiesel from 9 gallons of corn. 4.2 pounds of biodiesel is much closer ti 1/2 gallon, not 32.
According to http://www.fsa.usda.gov/daco/bioenergy/2002/2002Fa ctorsNFormulas.pdf a bushel of corn yeilds on the order of 2 gallons of fuel (not 32). Also, in practice, we will get on the order of 20 100lb bales of stalk per acre, yeilding ~2000lbs of stalk material, not 7500
Last year I attended the SANS training session for IDS, and it was excellent.
The first couple days covered TCP/IP packet composition and attacks. There were then a couple of days about installing and using Snort (taught by Marty Roesch, creater of Snort). Really taught how to use and get value out of your IDS, including a lot of real world examples from people who use it in sites attacked a lot more frequently than mine.
Re:Tech support for your family??
on
Family Tech Support
·
· Score: 5, Insightful
It saddens me that so many people have this attitude. I do tech support for a lot of the people in my (extended) family.
However, in my family, if you can do it, you just do it. My uncle who is a plumber gave my hundreds of dollars worth of pipe, etc when I was remodeling (not to mention lots of advice). And he's roto-rooted our drain for free. Another uncle lets me hunt his 40 acres of prime forest. My in-laws sanded and refinished our floors. I could go on and on.
You just help out if you have the skills, and don't worry about what your getting in return. It all comes around.
In our GLBA audits, some of the things examiners were looking for the most were:
A written security program that coordinates all aspects of the physical and electronic data security
A risk assessment that details systems and the data they contain, vulnerabilties and threats, controls in place to mitigate threats, and the overall effectiveness of controls
Vendor management policies and practices
Involement, approval, and annual reporting to the board of directors of the security program
While a penetration test is definetely one part of what is necessary to obtain GLBA complaince, there is a great deal more than that.
I just found out that the lawyers will use these same resources to track down the birthfather of the baby we want to adopt. If they find him, which used to be much harder to do, he will be provided with lawyers by the state to help him fight the adoption.
Slashdot Mirror
This reminds me of the situation when I graduated High School. My best friend filled her schedule with all AP courses, had not study halls, etc. I took what I had to, AP courses that interested me (math and physics), and things like drafting and small engines, and made sure I always had a study hall.
:)
At the time in Wisconsin the top two students at each school got full state scholarships. According to the school she was ranked #2 and I was ranked #6, because the school weighted AP courses at 4.5 and gave you a higher ranking for more quantity of credits. Big surprise at the end of the year when the school let us know that the state ranked me #2 because it just went off straight grade point average. She had to give the salutatorian speech, but I got her scholarship from the state. Surprising she's still my friend
What has not been factored in is the cost of Marsha or John forgetting to change the seat position before performing toilet operations. The scenario would be John attempting to perform #2 or Marsha performing #1 or #2 with the seat in the up position. This generally happens (at least in my house) because the user is still half-asleep or their senses are otherwise dulled. The probability of this occurring is much much lower than p, however the cost to the user when this happens is much much higher than the cost of a single change-the-seat-position action. The cost of the yelling from Marsha is (again in my experience) also much much higher.
There is also the inverse, where John forgets to raise the toilet seat before #1, often for the same reasons as above. Again the probability is lower and the cost (either of needing to clean the toilet seat or of yelling from Marsha when she sits on a wet seat) is greater than the costs of changing the seat position.
In any case in my house the game includes a 5 year old boy who generally waits till the last second and then runs into the bathroom doing the potty dance, and doesn't remember to raise the toilet seat for #1. The resulting mess I think now even has my "Marsha" raising the toilet seat after use in anticipation of this activity.
Wow that is very expensive.
I've been using TaxAct since like 2001. I spend $19.95 to download the federal and one state module, and the $19.95 includes one free Federal electronic filing. And I think it would have been under an additional $10 to file my State online as well (I'm too cheap though, so I mailed it.)
I've heard that they audit a higher percentage of electronically filed returns, presumably because its easier/the cost per audit is cheaper for an electronically filed return, but I don't know if any of that is true.
If you read the FAQ from the Colony Collapse disorder working group you'll find that Genetically Modified Crops and Cell phone Radiation are not likely causes:
"What are examples of topics that the CCD working group is not currently
investigating? GMO crops: Some GMO crops, specifically Bt Corn have been
suggested as a potential cause of CCD. While this possibility has not been ruled out,
CCD symptoms do not fit what would be expected in Bt affected organisms. For this
reason GMO crops are not a "top" priority at the moment.
Radiation transmitted by cell towers: The distribution of both affected and non-affected
CCD apiaries does not make this a likely cause. Also cell phone service is not available
in some areas where affected commercial apiaries are located in the west. For this reason,
it is currently not a top priority.
Causes still under investigation include:
What potential causes of CCD is the Working Group investigating? The current
research priorities under investigation by various members of the CCD working group, as
well as other cooperators include, but is not limited to:
Chemical residue/contamination in the wax, food stores and bees
Known and unknown pathogens in the bees and brood
Parasite load in the bees and brood
Nutritional fitness of the adult bees
Level of stress in adult bees as indicated by stress induced proteins
Lack of genetic diversity and lineage of bees
As a former Christian and current closet Athiest, I see Scientology as a religion just as much as Christianity, etc. (although much newer).
Both religions provide a purpose and guidance for behavior for people who need these things outside their own personal experience, who need something to strive for and believe in.
However I see one key element that for me says that Christianity is good and Scientology is bad -
Christianity is based on selflessness - you are taught that the meek shall inherit the earth, to give even if you have little to give, etc. This is why it is desireable for the 95% of the population that have 5% of the wealth.
What I hear of Scientology is based on selfishness - its OK to gain wealth. Its Ok to spend your time and your wealth on yourself - moving up within the different levels of Scientology. This is why its desireable to the Hollywood types, and the rest of the 5% of the population that control 95% of the wealth. A religion that makes them feel guilty for being wealthy and not sharing just isn't desireable for most of them.
I've been comteplating a yurt. What size, how much did you invest, did you make the canvas cover yourself or order one?
Firstly, I'm surprised to see a smaller quantity and variety of things people have built than I would have expected.
I already voted "Telescope" above, but I actually have somewhat of a list of things I've built:
- A number of kites. I think the coolest one is a Nasa Parawing. A couple yards of ripstop nylon and some strong kite thread, and you've got a simple kite that will drag you across the ground.
- A weaving loom (not a real fancy one)
- A MAME cabinet. OK, so I didn't finish the whole cabinet, but I did build the controller.
- I also have the standard pile of finished electronics kits and other odd projects.
Yeah, mine is a telescope too- 12.5 inch "Obsession" style truss-dobsonian. Actually I just recently finished it. Bought the primary mirror off E-Bay, and another $200 worth of parts that I didn't have in my basement mostly off the Internet, the book "The Dobsonian Telescope" by David Kriege, and 3 months later I'm ready to take it out for true "first light" the next clear night.
I can't ever see myself grinding a mirror, though.
There is an inherent flaw with many of the commercial laptop full-disk encryption solutions out there. I have the most experience with Utimaco's Safeguard Easy, but I know many of the other big players have the same fault -
The software has a feature called "Pre-boot Authentication", by which the encryption software is loaded after the bios, but before the (generally Windows) operating system. The user's password is used to generate the decryption key, so theorhetically not even the NSA could decrypt the laptop without the user's password.
Here's the flaw - the software has a checkbox to disable Pre-boot authentication. What this does is generate a default user with a random password, and then store this random password obfuscated but in clear-text in the same disk area decryption software. When you talk to the sales-people, they sell this as a feature, in fact about half of Utimaco's customers (so I'm told) run it in this mode because the encryption becomes transparent and it is much less intrusive on the user. (Basically the disk is automatically decrypted each time the laptop is booted, but you have to have a valid Windows login to get in.) Buried in the help documentation are warnings "For security reasons, you should Never disable pre-boot authentication". So the engineers and the company know the weakness of disabling pre-boot authentication, but they don't tell their customers when they sell the software.
Today it seems to break into these laptops with pre-boot authentication disabled you would need somewhat sophisticated tools and techniques, basically the same tools and techniques people commonly use to "crack" commercial software today. But I'm guessing that it won't be very long before someone takes the time to build this crack and releases it, rendering the laptop encryption useless to anyone who can Google for "Utimaco Crack", etc. Basically all the crack would need to do is grab the default user's password off the disk and use or duplicate the decryption algorithms that are also in clear-text on the disk.
I've talked to a number of IT security folks, and basically it seems like most people trust the sales folks and don't understand that its basically impossible to have strong encryption without having the decryption key stored off the disk (like on a smart card, or in the brain of the user.)
I received an undergrad in Physics and Comp Sci from a liberal arts college, so I thought I was pretty well rounded. I then went into various development, network management, and eventually IT leadership positions. I started pursuing my MBA thinking it was basically going to be busy work to prove to others that I am ready to move to the next level (a leadership position outside if IT). Some of it is busy work, but there is real value to much of the content, even though I've been a do-er and a leader in corporate America for a number of years. I'm about half way through earning my degree, and I've already learned a lot that will help me attain and be successful at the next level.
This is so wrong. For $65K, there is no bargaining with Microsoft.
For a corporation of this scale, you really have three options:
1. - MS Select Level "A" - You commit to buy a certain amount of desktop application software each year for the next three years, and you will get a slightly better price than the standard (Open) license cost. You can choose to purchase this with or without software assurance - basically paying a 30% maintenance fee to get free upgrades when new releases come out.
2. - MS Enterprise agreement - you pay more than you would under select Level "A" with software assurance and get other preipheral benefits that aren't worth the extra cost.
3. - Purchase retail upgrades rather than under a corporate license. You can save like 30% or more off the cost of the full corporate license. If you talk to your Microsoft rep about this, they'll tell you that you could do this, but no one would want to because you have to store each license and media, blah blah blah. Well, there are companies that are more than willing to store a few dozen cases of MS office retail upgrade boxes to save $100,000. And Microsoft knows this, because they know that a corporate VAR wouldn't be purchasing 900 retail boxed office upgrades in one shot for their (non-existant) retail client base. Microsoft keeps an absurd number of retail boxed upgrades in their warehouses because more companies than you would think choose this route.
I'm currently enrolled in an online MBA program, a couple of my observations:
I received my undergrad physically present at a liberal arts college. After freshman year, I think you get a lot more valuable stuff out of college than just the knowledge you gain in class (things like social skills, teamwork, and communication).
However if you've been working as a knowledge worker out in the world I think you get enough experience/practice with these in your work, and will not gain the additional benefits of getting this experience in school as well. In this instance, there are a lot of benefits to the online degree: Fits into your schedule, you don't have to sit through a class that goes at the pace of the slowest learner, etc.
Another aspect of the online degree - at least in the classes I'm taking - you are forced to participate and provide original insights throughout the class. Most of this is in the form of threaded discussions, which are monitored by the professor, and which you must post to to receive credit. In a lot of physical classes, as long as you do the homework you can sleep through class and never participate.
In fact, I think for some of my online courses I put in more time than I would if I had to show up and listen to the professor for four hours a week.
I'm attending Keller graduate school. For any of the courses I'm taking, I can choose to take it online, or I can choose to take a physical class at one of the local campuses. I'm pretty sure the "degree" (piece of paper I'll file away and never look at again) doesn't differentiate itself whether its online or physical.
Computers make problem solving easier, and the human has to think less when solving a problem with a computer. When you are learning, the goal is to think more, not to solve the problem as quickly as possible.
For this reason I have always been against the widespread use of computers in school.
I think that's great that your family has such a pattern and guidelines, and everyone is thriving in it. Before I was a parent, I pictured our household being like that, too. Then I adopted my son, and learned very quickly that every child is unique. It would be my opinion that your daughter doing so well in the environment you lay out has a lot to do with her natural tendencies, and a lot of other kids would react to that environment much differently.
This post just reminded me of a good one.
Another student technician at my college (Carroll College, WI, ~1996) wanted to add code to the NDS login script to clear our the Internet Explorer cache. So he added the following code:
C:
CD \Program Files\IE\Cache (or whatever the path to the IE cache was for the version on our lab computers)
Deltree *.*
Suddenly students in dorms started calling saying when they logged onto the network it started to delete their harddrive. If the computer didn't have an IE cache directory where the line of code above expected, it would delete starting at the root.
Is it possible that one thing that could impact the rankings is the quality of home-life relative to work-life. IT workers on average are paid higher. They likely have less stressful home lives (i.e. not worrying as much about paying bills). They also have more money for non-necessities like toys and travelling.
So IT professionals may be unhappy with their work life because they are more "spoiled" and have more desire to be living their home life.
I saw a PBS special some time ago on salmon migration. There are special "fish ladders" that allow the salmon to swim upstream around the dams. On many of the ladders, they have an area where fish swim past a window. People sit in front of these windows and count each type of fish as they go past.
I wonder if this technology has replaced that process. I also wonder how effective it is at separating different breeds of the same type of fish. (If I remember there were many different "breeds" of salmon, that were just slightly distinct visually from eachother)
Your calculations seem to be incorrect.
a ctorsNFormulas.pdf a bushel of corn yeilds on the order of 2 gallons of fuel (not 32).
1 bushel is approximately equal to 9.3 gallons. I find it unlikely you could get 32 gallons of biodiesel from 9 gallons of corn. 4.2 pounds of biodiesel is much closer ti 1/2 gallon, not 32.
According to http://www.fsa.usda.gov/daco/bioenergy/2002/2002F
Also, in practice, we will get on the order of 20 100lb bales of stalk per acre, yeilding ~2000lbs of stalk material, not 7500
Fitting Willy Wonka movie quote:
.45. Pop won't let me have one yet, will you, Pop.
MIKE: (shoots his cap gun) Wait 'til I get a real one. Colt
MR. TEEVEE: Not 'til you're twelve, son.
The first couple days covered TCP/IP packet composition and attacks. There were then a couple of days about installing and using Snort (taught by Marty Roesch, creater of Snort). Really taught how to use and get value out of your IDS, including a lot of real world examples from people who use it in sites attacked a lot more frequently than mine.
Highly Recommended.
http://www.sans.org
It saddens me that so many people have this attitude. I do tech support for a lot of the people in my (extended) family.
However, in my family, if you can do it, you just do it. My uncle who is a plumber gave my hundreds of dollars worth of pipe, etc when I was remodeling (not to mention lots of advice). And he's roto-rooted our drain for free. Another uncle lets me hunt his 40 acres of prime forest. My in-laws sanded and refinished our floors. I could go on and on.
You just help out if you have the skills, and don't worry about what your getting in return. It all comes around.
Interagency Guidelines Establishing Standards For Safeguarding Customer Information
Interagency Guidelines
In our GLBA audits, some of the things examiners were looking for the most were:
- A written security program that coordinates all aspects of the physical and electronic data security
- A risk assessment that details systems and the data they contain, vulnerabilties and threats, controls in place to mitigate threats, and the overall effectiveness of controls
- Vendor management policies and practices
- Involement, approval, and annual reporting to the board of directors of the security program
While a penetration test is definetely one part of what is necessary to obtain GLBA complaince, there is a great deal more than that.One last excellent resource is the FFIEC Information Technology Examination Handbook.
Kevin
I just found out that the lawyers will use these same resources to track down the birthfather of the baby we want to adopt. If they find him, which used to be much harder to do, he will be provided with lawyers by the state to help him fight the adoption.