[IDS] RE: [WIMS] MPSA Security Article

[IDS] RE: [WIMS] MPSA Security Article

Brian Smithson bsmithson at ricohsv.com
Thu Feb 10 02:36:47 UTC 2011


Bill,

I've made a few (OK, a bunch) of suggestions. Use any of them you think are
worthwhile. I added them to Joe's suggestions.

-- 
Regards,
Brian Smithson
PMP, CSM, CISSP, CISA, ISO 27000 PA
Security Research, Planning
Advanced Customer Technologies
Ricoh Americas Corporation
bsmithson at ricohsv.com
(408)346-4435




On 2/9/2011 1:47 PM, Murdock, Joe wrote:
>
> Bill,
>
>  
>
> I've made a few suggested update inline:
>
>  
>
> ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110209jbm.doc
>
>  
>
> Joe
>
>  
>
>  
>
> *From:*ids-bounces at pwg.org [mailto:ids-bounces at pwg.org] *On Behalf Of
> *William Wagner
> *Sent:* Wednesday, February 09, 2011 1:11 PM
> *To:* 'Michael Sweet'
> *Cc:* mfd at pwg.org; ids at pwg.org; wims at pwg.org
> *Subject:* [IDS] RE: [WIMS] MPSA Security Article
>
>  
>
> Many thanks to Michael for his comments...they have been reflected in the
> text.  Any more comments, suggestions additions or deletions?  I would
> like to send this to Jim by tomorrow afternoon.
>
>  
>
> Thanks,
>
>  
>
> Bill Wagner
>
>  
>
> *From:*Michael Sweet [mailto:msweet at apple.com]
> *Sent:* Tuesday, February 08, 2011 5:46 PM
> *To:* William Wagner
> *Cc:* wims at pwg.org; ids at pwg.org; mfd at pwg.org
> *Subject:* Re: [WIMS] MPSA Security Article
>
>  
>
> On Feb 6, 2011, at 12:56 AM, William Wagner wrote:
>
>     An updated version reflecting comments made during the February
>     face-to-face is posted at :
>
>     ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.pdf and
>
>     ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.doc
>
>      
>
>     This includes a short biblio and a set of survey questions.
>
>      
>
>     Comments and corrections are solicited. It is our objective to
>     finalize this information and send it to MPSA by  10 February so that
>     it can be posted next weekend.
>
>  
>
> Comments (on the PDF version):
>
>  
>
> Page 3: At the end of the first paragraph under "Log Generation and
> Availability", you have "... is often required for security purposes,
> (audit log), sometimes with alerts ..." - I don't think you meant to put
> commas around the parenthetical "audit log"...
>
>  
>
> Page 3: Paragraph starting with "Although the most secure approach"
> doesn't finish the thought. I think combining the first two sentences
> makes it clearer, e.g.:
>
>  
>
>     Although the most secure approach is for devices to continually send
>     out log information to an external repository as events occur, this
>     is often neither practical nor justifiable.
>
>  
>
> Page 7: Question 6 is multiple choice, right?
>
>  
>
> Page 8: Question 7 could also be multiple choice for a, b, or c... My
> recommendation would be to break this into two questions: "If you are
> implementing logging, where is it kept?" and "How to you implement
> billing?" with "Logs", "Simple copy count", "other", and "not implementing
> billing".
>
>  
>
> Otherwise shaping up very nicely - thanks for working on this, Bill!
>
>  
>
> ________________________________________________________________________
>
> Michael Sweet, Senior Printing System Engineer, PWG Chair
>
>  
>
>  
>
>  
>
>
> -- 
> This message has been scanned for viruses and
> dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
> believed to be clean.
>
>
> -- 
> This message has been scanned for viruses and
> dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
> believed to be clean.
>
>
> _______________________________________________
> ids mailing list
> ids at pwg.org
> https://www.pwg.org/mailman/listinfo/ids


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/wims/attachments/20110209/ae465f8e/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Access_article_110209jbm+bjs.doc
Type: application/msword
Size: 84992 bytes
Desc: not available
URL: <http://www.pwg.org/pipermail/wims/attachments/20110209/ae465f8e/attachment.doc>


More information about the wims mailing list