Security

Security of information, systems, and data; explanation of approaches, concepts, and ways to enhance your security


Typical IT Security Audit Findings

IT security is a longstanding concern for enterprises, especially those in highly regulated industries such as financial service providers governed by regulations from the Basel II Accords, the U.S. Gramm-Leach-Bliley (GLB) Act, the U.S. Securities and Exchange Commission (SEC), the U.S. Office of the Comptroller of the Currency, and some others. IT security has become concern of top managers especially with the introduction by the Sarbanes-Oxley separation-of-duties requirements and the U.S. Health Insurance Portability and Accountability Act (HIPAA).

.


Top 10 Risk and Security Audit Findings

IT security has become increasingly important and is today the inevitable part of our daily lives. Because of the importance and emphasis that is being placed on IT security today, we have decided to write a guide for IT security auditors. Throughout our professional conduct, we have identified 10 common risk and security audit findings that enterprises should avoid, and we bring our knowledge to you in this series of articles.

.


Prevent email address harvesting (part 2)

How to prevent email address harvesting is something that web masters often ask when figuring out how to block email address harvesting programs and robots from harvesting or stealing email addresses from their or their client's websites. The How to prevent email address harvesting question can be answered with a few programming tips. Successful implementation of these tips can help significantly in improving your web site content security.

.


How to protect web pages from email harvesting

How to protect web pages from email harvesting is the question that every webmaster should ask. While the very original techniques for building web sites were sufficient in the early stages of internet, they open door to hackers and spammers today. How your web pages are coded and designed plays a very important role in your web security. So, how can we protect web pages from email harvesting?

.


Order allow,deny

Order allow,deny is a setting in your Apache web server configuration that is used to restrict access to certain directories (folders) or even globally. Configuring who can access your directories is very important for your web site security. Order allow,deny is one way to restrict who can see what.

.


IndexIgnore

IndexIgnore is an important security setting in your Apache configuration files which commands what gets displayed to the visitor coming to your website. IndexIgnore is a simple setting which is often forgotten or neglected. Not having IndexIgnore set properly can have negative consequences and compromise your website server security.

.


FollowSymLinks

FollowSymLinks is a directive in your web server configuration that tells your web server to follow so called symbolic links. As one would expect, FollowSymLinks is an acronym for Follow Symbolic Links. FollowSymLinks is a very important setting that plays a role in your website security.

.


ISO 27001 (ISO/IEC 27001:2005)

ISO 27001 is a standard providing model for an implementation of an effective Information Security Management System (ISMS). ISO 27001 is also known under its more precise name ISO/IEC 27001:2005 and is closely related to another norm known under the name ISO 27002. Both ISO 27001 and ISO 27002 are together the standards that are used by organizations to implement systems to improve the security of their information and data.

.


ISMS Information Security Management System

ISMS is short for Information Security Management System. ISMS is a documented system to provide security for information and data in your company. ISMS is a vital management concept in today's information intensive businesses. The goal of ISMS is to eliminate possible loss or destruction of information.

.


How to find MAC and IP addresses in network data

How easy is it to obtain MAC address and IP address from wireless network traffic? We have asked this question and now provide this writeup to demonstrate how vulnerable MAC addressing is as a security measure. Even though the number of users protecting their wireless networks with the MAC filtering technique as the only measure is decreasing, there are still many of them.

.
.