[IDS] RE: [WIMS] MPSA Security Article

[IDS] RE: [WIMS] MPSA Security Article

Brian Smithson bsmithson at ricohsv.com
Thu Feb 10 02:36:47 UTC 2011


Bill,

I've made a few (OK, a bunch) of suggestions. Use any of them you think are
worthwhile. I added them to Joe's suggestions.

-- 
Regards,
Brian Smithson
PMP, CSM, CISSP, CISA, ISO 27000 PA
Security Research, Planning
Advanced Customer Technologies
Ricoh Americas Corporation
bsmithson at ricohsv.com
(408)346-4435




On 2/9/2011 1:47 PM, Murdock, Joe wrote:
>
> Bill,
>
>  
>
> I've made a few suggested update inline:
>
>  
>
> ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110209jbm.doc
>
>  
>
> Joe
>
>  
>
>  
>
> *From:*ids-bounces at pwg.org [mailto:ids-bounces at pwg.org] *On Behalf Of
> *William Wagner
> *Sent:* Wednesday, February 09, 2011 1:11 PM
> *To:* 'Michael Sweet'
> *Cc:* mfd at pwg.org; ids at pwg.org; wims at pwg.org
> *Subject:* [IDS] RE: [WIMS] MPSA Security Article
>
>  
>
> Many thanks to Michael for his comments...they have been reflected in the
> text.  Any more comments, suggestions additions or deletions?  I would
> like to send this to Jim by tomorrow afternoon.
>
>  
>
> Thanks,
>
>  
>
> Bill Wagner
>
>  
>
> *From:*Michael Sweet [mailto:msweet at apple.com]
> *Sent:* Tuesday, February 08, 2011 5:46 PM
> *To:* William Wagner
> *Cc:* wims at pwg.org; ids at pwg.org; mfd at pwg.org
> *Subject:* Re: [WIMS] MPSA Security Article
>
>  
>
> On Feb 6, 2011, at 12:56 AM, William Wagner wrote:
>
>     An updated version reflecting comments made during the February
>     face-to-face is posted at :
>
>     ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.pdf and
>
>     ftp://ftp.pwg.org/pub/pwg/general/MPSA/Access_article_110205.doc
>
>      
>
>     This includes a short biblio and a set of survey questions.
>
>      
>
>     Comments and corrections are solicited. It is our objective to
>     finalize this information and send it to MPSA by  10 February so that
>     it can be posted next weekend.
>
>  
>
> Comments (on the PDF version):
>
>  
>
> Page 3: At the end of the first paragraph under "Log Generation and
> Availability", you have "... is often required for security purposes,
> (audit log), sometimes with alerts ..." - I don't think you meant to put
> commas around the parenthetical "audit log"...
>
>  
>
> Page 3: Paragraph starting with "Although the most secure approach"
> doesn't finish the thought. I think combining the first two sentences
> makes it clearer, e.g.:
>
>  
>
>     Although the most secure approach is for devices to continually send
>     out log information to an external repository as events occur, this
>     is often neither practical nor justifiable.
>
>  
>
> Page 7: Question 6 is multiple choice, right?
>
>  
>
> Page 8: Question 7 could also be multiple choice for a, b, or c... My
> recommendation would be to break this into two questions: "If you are
> implementing logging, where is it kept?" and "How to you implement
> billing?" with "Logs", "Simple copy count", "other", and "not implementing
> billing".
>
>  
>
> Otherwise shaping up very nicely - thanks for working on this, Bill!
>
>  
>
> ________________________________________________________________________
>
> Michael Sweet, Senior Printing System Engineer, PWG Chair
>
>  
>
>  
>
>  
>
>
> -- 
> This message has been scanned for viruses and
> dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
> believed to be clean.
>
>
> -- 
> This message has been scanned for viruses and
> dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
> believed to be clean.
>
>
> _______________________________________________
> ids mailing list
> ids at pwg.org
> https://www.pwg.org/mailman/listinfo/ids


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ids/attachments/20110209/ae465f8e/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Access_article_110209jbm+bjs.doc
Type: application/msword
Size: 84992 bytes
Desc: not available
URL: <http://www.pwg.org/pipermail/ids/attachments/20110209/ae465f8e/attachment.doc>


More information about the ids mailing list
Our website uses cookies on your device to give you the best user experience. By using our website, you agree to the placement of these cookies. To learn more, read our privacy policy. Read Privacy Policy