This document is a companion resource to the Applying Security Practices to Justice Information Sharing (Applying Security Practices) document; it contains expanded information with overviews and guidelines for secure information sharing, and it provides content specifically relevant to wireless environments, and information security practices.
This document is divided into sections that discuss the critical security disciplines for wireless security for each of the following key objectives: Support, for governance, physical security, personnel security screening, and separation of duties; Prevention, including identification and authentication, authorization and access control, data integrity, public access, privacy, and confidentiality, firewalls, VPNs (virtual personal networks), and other network safeguards; Detection and Recovery, including attack detection and prevention, security auditing, risk management, and disaster recovery and business continuity. Each of the document’s security discipline sections is constructed as follows: description and purpose, providing a summary of the discipline and the role it plays in securing information; principles, identifying the qualities that should be in place to securely manage justice information; policies, containing guidance and references to sample internal information security policies; best practices, including tutorials and overviews of the best ways to apply the tools, technologies, and processes within each discipline; and references, providing resources to aid justice organizations with designing security practices that meet industry standards.