Federal Manager's Daily Report

The General Accounting Office has identified 18 technologies

available to agencies to improve information security.


It also listed categories of controls that can be used to

restrict the ability of unknown or unauthorized users to view

or use information, hosts, or networks.

System integrity ensures that a system and its data are not

illicitly modified or corrupted by malicious code. Cryptography

is the process of transforming ordinary data into code form

so that the information is accessible only to those who are

authorized to have access. Auditing and monitoring help

administrators perform investigations during and after a

cyber attack. Configuration management and assurance help

administrators view and change the security settings on their

hosts and networks, verify the correctness of security

settings, and maintain operations in a secure fashion under

conditions of duress.

The technologies available to address the above include smart

tokens that establish user identity through an integrated

circuit chip in a portable device such as a smart card or a

time synchronized token. Security event correlation tools

monitor and document actions on network devices and analyze

the actions to determine if an attack is ongoing or has