Re: Help with legal document - network probing agreement

From: Steve (steve@securesolutions.org)
Date: 01/09/02


Date: Wed, 09 Jan 2002 11:21:17 -0700
From: Steve <steve@securesolutions.org>
To: rclark@texascellular.com

If there is anything I am in the process of learning the hard way, GET
YOUR CONTRACTS CREATED/REVIEWED BY A LAWYER.

I know it is costly, but in the long term it will pay for itself.
Besides, you should be able to re-coup these costs with your billings.

Robert Clark wrote:

> I would consult with a corporate attorney, preferably one specializing
> in your particular expertise.
>
> > -----Original Message-----
> > From: dumbwabbit [mailto:dumbwabbit@yahoo.com]
> > Sent: Sunday, January 06, 2002 3:08 PM
> > To: security-basics@securityfocus.com
> > Subject: Help with legal document - network probing agreement
> >
> >
> > Hi all.
> >
> > I'm trying to become more involved with infosec as it
> > pertains to independent consulting, network auditing,
> > security advisor status etc. I have worked as CSO/MIS
> > for a mid-sized firm for the last 2 years, and a small
> > company for 3 years before that.
> >
> > My current job function at my full-time position
> > involves extensive testing, probing, monitoring,
> > implementing and researching network security.
> >
> > I have 2 friends who own ISPs (in partnership with
> > others), and we have been discussing the possibilities
> > of their using my services as an independent security consultant.
> >
> > What I need help with is information on how to compose
> > valid legal documents which allow me to act in this
> > capacity for them. I have no legal background to speak
> > of, and we all want to make sure that we are covered
> > in this aspect before we commence security analysis.
> > We just want to make sure that we cover any potential
> > issues regarding the legalities of my performing these
> > types of network analysis for them.
> > Could anyone on this list possibly provide me with any
> > links to this type of legal document templates,
> > policies, laws and anything else that we may need to
> > know?
> > I have tried searching Google, CERT, SANS and some
> > other sites, but to no avail. Plenty of stuff on
> > internal IT policies etc., but I haven't been able to
> > find anything really specific to independent
> > consulting.
> > I would rather not even run a simple nmap probe etc.
> > on their networks without CYA for all parties
> > involved!
> > Someone suggested to me that simple document stating:
> > "I hereby authorize [consultant] to analyze and probe
> > my networks for potential security issues, with the
> > agreement that any information gathered will be kept
> > strictly confidential amongst the involved parties."
> > And then signed by all involved and notarized. Doesn't
> > seem to be enough to me.
> >
> > Any helpful suggestions MOST appreciated!
> >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Send FREE video emails in Yahoo! Mail!
> > http://promo.yahoo.com/videomail/
> >
> >



Relevant Pages

  • Help with legal document - network probing agreement
    ... pertains to independent consulting, network auditing, ... implementing and researching network security. ... valid legal documents which allow me to act in this ...
    (Security-Basics)
  • RE: Help with legal document - network probing agreement
    ... Help with legal document - network probing agreement ... pertains to independent consulting, network auditing, ... implementing and researching network security. ...
    (Security-Basics)
  • RE: Help with legal document - network probing agreement
    ... Help with legal document - network probing agreement ... pertains to independent consulting, network auditing, ... implementing and researching network security. ...
    (Security-Basics)
  • SecurityFocus Microsoft Newsletter #50
    ... Subject: SecurityFocus Microsoft Newsletter #50 ... Specialist in Microsoft's Security Services Partner Program, ... Network Monitoring for Intrusion Detection ... Relevant URL: ...
    (Focus-Microsoft)
  • << SBS News of the week - Sept 26 >>
    ... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
    (microsoft.public.backoffice.smallbiz)