Whitepapers

​Lunarline spends extensive time researching new technologies and security trends for our clients and our professional development. We believe in open communication and offer these White Papers to the general public.

The Forecast is for Continued Controversy and Bold Statements with (Maybe) Some Action: Privacy, Cybersecurity and Regulatory Trends for 2012

This paper discusses the trends to expect in 2012 relating to Federal regulations for privacy and cybersecurity. READ »

The Future of DoD Cyber Security

Lunarline breaks down the DoD's transition to the Risk Management Framework. READ »​

Out with DIACAP, In with DIARMF

This paper discusses the upcoming DoD transition to the Risk Management Framework process. READ »

Smartphones​

This paper discusses creating a mobile workforce and the new hacker landscape revolved around the threat posed by the security vulnerabilities that exists in modern day mobile devices such as smartphones, iPads, and non-PC tablets. This paper also addresses specific countermeasures that should be considered within any organization. READ »

DoD IA C&A Challenges Facing Medical Device and Product Vendors

This paper discusses the areas posing the greatest challenges to DoD IA/C&A medical device and product vendors. READ »

Development of Information System Contingency Plans

This paper discusses the development an Information System Contingency Plans (ISCP). READ »

Radio Frequency Identification Technology (RFID): Securing the Homeland through Next Generation Identification Technology

This paper discusses Radio Frequency Identification (RFID), and Homeland and National Security initiatives that have adopted RFID-based identification to protect the nation against terrorist threats. The proposed standards needed supporting these standards are also discussed, and how RFID will enhance the current system. We will also look at the privacy concerns surrounding the RFID technology implementation, and the security safeguards that need to be integrated into the system and processes to ensure they adequately protect privacy information. READ »

ARRA HITECH Stimulus HIPAA Security Compliance Reporter

This paper discusses how Lunarline’s solution protects ePHI, satisfies Stage 1 meaningful use requirements, and helps hospitals and healthcare providers gain eligibility for millions of dollars in ARRA stimulus money. Clinics are left with the challenge of satisfying complex Health Information Technology for Economic and Clinical Health Act(HITECH) meaningful use requirements. In December of 2009, HHS published a 23 element definition of “meaningful use”. These elements included 22 transactional items such as Computerized Physician Order Entry (CPOE). The 23rd element concerned security of all of the transactional items. Lunarline, ACR2 Solutions and Fortinet partnered to provide an automated risk assessment that meets Object 23 in the meaningful use requirements of Stage 1. According to the AHA, this is the only automated solution available to meet those requirements. READ »

Sarbanes-Oxley (SOX) compliance

This paper discusses the impact an effective security program has on Sarbanes-Oxley (SOX) compliance. SOX requires an organization’s leadership to ensure the accuracy of their financials reporting, and actively measure implemented controls required to mitigate potential anomalies that could lead to errors in the financial statements. The characteristics of a good information security program will provide the governance, and security management foundation for the rigorous demand placed on organizations when creating a framework to meet SOX compliance. Over the past several years, organizations have become more efficient in meeting many of the critical compliance requirements, and have begun to turn to IT to automate the manual activities, and alert senior management when a compliance issue arises. As a result of SOX compliance, the incorporation of industry standards and processes are enabling organizations to become more mature and efficient. READ »

Bluetooth Increases Internet Security Risks

This paper discusses the Bluetooth technology, and the threat posed by the security vulnerabilities that exists in modern day mobile devices such as cell phones, laptops, and smart phones. The current Bluetooth security issues and threats demonstrate the risk of improper implementations of the Bluetooth security model, and the various attacks that have taken advantage of the vulnerabilities. This paper also discusses the security features offered by the Bluetooth specification, and addresses specific countermeasures that should be considered before deploying Bluetooth technology within any organization. READ »

Wireless Intrusion Detection Systems (WIDS)

This paper discusses the wireless intrusion detection (WIDS) technology as a benefit for the protection of wireless networks against attacks through detection and prevention. The wide use of wireless local area networks (WLANs) has required the increased of WIDS technology to focuses on protecting the wired and wireless infrastructure from internal and external threats. This report will give a brief introduction to WIDS, describe the current threats associated with WLANs , provide a list of the potential benefits offered by the implementation of wireless intrusion detection and prevention, and illustrated how WIDS plays an assurance role in the enforcement of the organization’s wireless policy. READ »

An Introduction to the Department of Defense Information Assurance Certification and Accreditation Process

This article gives an overview of the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) and two associated Web-based services - the DIACAP Knowledge Service (KS) and the Enterprise Mission Assurance Support Service (eMASS). READ »