NIST Drafts: Webservers and Teleworking

It's only a draft but it might be a valuable resource anyway.

Draft Special Publication 800-44 Version 2, Guidelines on Securing Public Web Servers

NIST announces the release of draft Special Publication (SP) 800-44 version 2, Guidelines on Securing Public Web Servers. SP 800-44 version 2 is intended to aid organizations in the installation, configuration, and maintenance of secure public Web servers. It presents recommendations for securing Web server operating systems, applications, and content; protecting Web servers through the supporting network infrastructure; and administering Web servers securely. SP 800-44 version 2 also provides guidance on using authentication and encryption technologies to protect information on Web servers. This publication replaces the original version of SP 800-44, which was released in 2002.

Draft Special Publication 800-46 Version 2, User's Guide to Securing External Devices for Telework and Remote Access

The draft NIST Special Publication (SP) 800-46 version 2, User’s Guide to Securing External Devices for Telework and Remote Access, is available for public comment. The publication is intended to help teleworkers secure the external devices they use for telework, such as personally owned desktop and laptop computers and consumer devices (e.g., cell phones, PDAs). SP 800-46 version 2 focuses on security for telework involving remote access to an organization’s nonpublic computing resources. It provides practical, real-world guidance on securing telework computers’ operating systems and applications and teleworkers’ home networks, and it also gives basic recommendations for securing consumer devices. The publication also provides tips on assessing the security of a device owned by a third party before deciding whether it should be used for telework. This publication replaces the original version of SP 800-46, which was released in 2002.