Managing Security Through Services Process Leadership

<p><img title="2010-05-13_201938" style="border-right: 0px; border-top: 0px; display: inline; margin: 0px 10px 10px 0px; border-left: 0px; border-bottom: 0px" height="190" alt="2010-05-13_201938" src="" width="241" align="left" border="0" /> Challenge Question # 1 <br />To maintain network security, Acme corporation tightly controls software on devices connecting to their network. <br />Each vendor must pass a rigorous testing and certification process before their equipment can be connected. No changes allowed without recertification. </p> <p>Your technician Jan is covering for Dave who is away on vacation. She is called to an Acme device to address a power supply problem. A new software release resolves this issue. Jan upgrades the device to the new software level.</p> <p>Later that day, your account manager gets a call from Acme IT Security about (yet another) security violation.</p> <p>How was this a security violation?</p> <p>Challenge Question # 2 <br />Sales is working through the details of the managed services renewal for Acme. The final workshop with the customer is just closing out. Your products have the security features Acme is looking for and the pricing is favorable for both parties.</p> <p>Suddenly, the door opens and in walks the newly appointed Acme Security Officer. Casually, they hand you an Information Security Agreement (ISA) that&#160; hey’d like you to sign. The ISA has questions about security incident response, change management, business resumption, HR policies, and etc.</p> <p>Internally, where do you go for answers?</p>