M. Scott Koger - Academia.edu (original) (raw)

Uploads

Conference Proceedings by M. Scott Koger

Proceedings of the Southwest Decision Sciences Institute, Mar 2005

Personal Computers (PC) are difficult to manage in university labs because they are individual ma... more Personal Computers (PC) are difficult to manage in university labs because they are individual machines with individual problems. This paper sets out to provide a procedure to successfully and consistently reimage and patch PCs so they are in a known good state. This procedure also provides an almost zero maintenance effort on the part of lab administrators. Lastly, different patch management scenarios are discussed.

Proceedings of the Southwest Decision Sciences Institute, Mar 2020

Infrared (IR) communications are often not considered to be a networking technology. In fact, in ... more Infrared (IR) communications are often not considered to be a networking technology. In fact, in reviewing a dozen security texts, there is no mention of IR. While the U. S. Committee on National Security Systems (CNSS) defines wireless technologies like infrared, acoustic, RF, and optical (Committee on National Security Systems, 2015), this paper will focus exclusively on IR communications as it is still widely used for control communications as an attack vector and an attack surface. The paper concludes with both implications for educators and practitioners.

Proceedings of the Southwest Decision Sciences, Mar 2023

The idea of securing an enterprise simply by securing the Internet point-of-presence is outdated.... more The idea of securing an enterprise simply by securing the Internet point-of-presence is outdated. Cloud computing, BYOD, and other innovations have increased the attack surface to the point where securing a single communication pathway is no longer enough. Zero Trust Network Architecture (ZTNA) provides an approach to mitigate the risks presented to modern IP based enterprises. ZTNA is not a technology. It is a mindset that begins with security by design. ZTNA employs network segmentation, VPNs, software-defined networks, Multi-Factor Authentication (MFA), and device authentication to deny implicit trust on IP networks.

Proceedings of the Southwest Decision Sciences Institute, Mar 2005

Personal Computers (PC) are difficult to manage in university labs because they are individual ma... more Personal Computers (PC) are difficult to manage in university labs because they are individual machines with individual problems. This paper sets out to provide a procedure to successfully and consistently reimage and patch PCs, so they are in a known good state. This procedure also provides an almost zero maintenance effort on the part of lab administrators. Lastly, different patch management scenarios are discussed.

Papers by M. Scott Koger

swdsi.org

There are many myths surrounding firewalls at universities. Many IT staff and faculty feel that i... more There are many myths surrounding firewalls at universities. Many IT staff and faculty feel that it will block what content they view or will bring the entire campus network to its knees. While poor implementations may do this, a properly installed firewall can provide secured ...

ASSOCIATION OF BUSINESS INFORMATION …, 2010

Page 61. PERSONAL MOBILE COMPUTING DEVICES-THE NEW PERIMETER M. Scott Koger Western Carolina Univ... more Page 61. PERSONAL MOBILE COMPUTING DEVICES-THE NEW PERIMETER M. Scott Koger Western Carolina University Brett JL Landry University of Dallas Abstract It is a falsehood to ignore the role of mobile devices in today's enterprises. ...

International Journal of Management in Education, 2008

Page 1. 300 Int. J. Management in Education, Vol. 2, No. 3, 2008 Copyright © 2008 Inderscience En... more Page 1. 300 Int. J. Management in Education, Vol. 2, No. 3, 2008 Copyright © 2008 Inderscience Enterprises Ltd. From 'chalk and talk' to online offerings: keeping pace with technology in education Brett JL Landry* Graduate ...

Information Security Journal: A Global Perspective, 2009

UISS1939-3555 1939-3547 Information Security Journal: A Global Perspective, Vol. 18, No. 4, Jul 2... more UISS1939-3555 1939-3547 Information Security Journal: A Global Perspective, Vol. 18, No. 4, Jul 2009: pp. 0–0 Information Security Journal: A Global Perspective Using the Private-Internet-Enterprise (PIE) ... Model to Examine IT Risks and Threats

swdsi.org

Personal Computers (PC) are difficult to manage in university labs because they are individual ma... more Personal Computers (PC) are difficult to manage in university labs because they are individual machines with individual problems. This paper sets out to provide a procedure to successfully and consistently reimage and patch PCs so they are in a known good state. This procedure also provides an almost zero maintenance effort on the part of lab administrators. Lastly, different patch management scenarios are discussed.

Journal on Educational Resources in Computing, 2006

Disasters happen all the time; yet despite this, many organizations are caught unprepared or make... more Disasters happen all the time; yet despite this, many organizations are caught unprepared or make unrealistic assumptions. These factors create environments that will fail during a disaster. Most information technology (IT) curricula do not cover disaster recovery (DR) plans and strategies in depth. The unfortunate result is that most new computer systems are implemented without sufficient disaster recovery plans and testing. Courses on network security need to examine DR as a real threat and cover it as a core module. By dispelling the 10 common myths, organizations can better plan, develop, and test true DR plans.

There is a common misconception that internal IP networks (intranets) are secure; and that extern... more There is a common misconception that internal IP networks (intranets) are secure; and that external networks such as the Internet are vulnerable and unsecured. The truth of the matter is that there is little on a network that is truly secure. The very nature of devices being networked makes them vulnerable on an IP network to various attacks and spoofs. This paper proposes a new model for examining enterprise computing and removes the concept of secure intranets.

Proceedings of the Southwest Decision Sciences Institute, Mar 2005

Personal Computers (PC) are difficult to manage in university labs because they are individual ma... more Personal Computers (PC) are difficult to manage in university labs because they are individual machines with individual problems. This paper sets out to provide a procedure to successfully and consistently reimage and patch PCs so they are in a known good state. This procedure also provides an almost zero maintenance effort on the part of lab administrators. Lastly, different patch management scenarios are discussed.

Proceedings of the Southwest Decision Sciences Institute, Mar 2020

Infrared (IR) communications are often not considered to be a networking technology. In fact, in ... more Infrared (IR) communications are often not considered to be a networking technology. In fact, in reviewing a dozen security texts, there is no mention of IR. While the U. S. Committee on National Security Systems (CNSS) defines wireless technologies like infrared, acoustic, RF, and optical (Committee on National Security Systems, 2015), this paper will focus exclusively on IR communications as it is still widely used for control communications as an attack vector and an attack surface. The paper concludes with both implications for educators and practitioners.

Proceedings of the Southwest Decision Sciences, Mar 2023

The idea of securing an enterprise simply by securing the Internet point-of-presence is outdated.... more The idea of securing an enterprise simply by securing the Internet point-of-presence is outdated. Cloud computing, BYOD, and other innovations have increased the attack surface to the point where securing a single communication pathway is no longer enough. Zero Trust Network Architecture (ZTNA) provides an approach to mitigate the risks presented to modern IP based enterprises. ZTNA is not a technology. It is a mindset that begins with security by design. ZTNA employs network segmentation, VPNs, software-defined networks, Multi-Factor Authentication (MFA), and device authentication to deny implicit trust on IP networks.

Proceedings of the Southwest Decision Sciences Institute, Mar 2005

Personal Computers (PC) are difficult to manage in university labs because they are individual ma... more Personal Computers (PC) are difficult to manage in university labs because they are individual machines with individual problems. This paper sets out to provide a procedure to successfully and consistently reimage and patch PCs, so they are in a known good state. This procedure also provides an almost zero maintenance effort on the part of lab administrators. Lastly, different patch management scenarios are discussed.

swdsi.org

There are many myths surrounding firewalls at universities. Many IT staff and faculty feel that i... more There are many myths surrounding firewalls at universities. Many IT staff and faculty feel that it will block what content they view or will bring the entire campus network to its knees. While poor implementations may do this, a properly installed firewall can provide secured ...

ASSOCIATION OF BUSINESS INFORMATION …, 2010

Page 61. PERSONAL MOBILE COMPUTING DEVICES-THE NEW PERIMETER M. Scott Koger Western Carolina Univ... more Page 61. PERSONAL MOBILE COMPUTING DEVICES-THE NEW PERIMETER M. Scott Koger Western Carolina University Brett JL Landry University of Dallas Abstract It is a falsehood to ignore the role of mobile devices in today's enterprises. ...

International Journal of Management in Education, 2008

Page 1. 300 Int. J. Management in Education, Vol. 2, No. 3, 2008 Copyright © 2008 Inderscience En... more Page 1. 300 Int. J. Management in Education, Vol. 2, No. 3, 2008 Copyright © 2008 Inderscience Enterprises Ltd. From 'chalk and talk' to online offerings: keeping pace with technology in education Brett JL Landry* Graduate ...

Information Security Journal: A Global Perspective, 2009

UISS1939-3555 1939-3547 Information Security Journal: A Global Perspective, Vol. 18, No. 4, Jul 2... more UISS1939-3555 1939-3547 Information Security Journal: A Global Perspective, Vol. 18, No. 4, Jul 2009: pp. 0–0 Information Security Journal: A Global Perspective Using the Private-Internet-Enterprise (PIE) ... Model to Examine IT Risks and Threats

swdsi.org

Personal Computers (PC) are difficult to manage in university labs because they are individual ma... more Personal Computers (PC) are difficult to manage in university labs because they are individual machines with individual problems. This paper sets out to provide a procedure to successfully and consistently reimage and patch PCs so they are in a known good state. This procedure also provides an almost zero maintenance effort on the part of lab administrators. Lastly, different patch management scenarios are discussed.

Journal on Educational Resources in Computing, 2006

Disasters happen all the time; yet despite this, many organizations are caught unprepared or make... more Disasters happen all the time; yet despite this, many organizations are caught unprepared or make unrealistic assumptions. These factors create environments that will fail during a disaster. Most information technology (IT) curricula do not cover disaster recovery (DR) plans and strategies in depth. The unfortunate result is that most new computer systems are implemented without sufficient disaster recovery plans and testing. Courses on network security need to examine DR as a real threat and cover it as a core module. By dispelling the 10 common myths, organizations can better plan, develop, and test true DR plans.

There is a common misconception that internal IP networks (intranets) are secure; and that extern... more There is a common misconception that internal IP networks (intranets) are secure; and that external networks such as the Internet are vulnerable and unsecured. The truth of the matter is that there is little on a network that is truly secure. The very nature of devices being networked makes them vulnerable on an IP network to various attacks and spoofs. This paper proposes a new model for examining enterprise computing and removes the concept of secure intranets.