pritha's Posts (627)


Technical Skills:

Fundamental Concepts and Internet

  1. Knowledge of fundamental security concepts (e.g. authentication, integrity, access control, privacy)
  2. Identifying risks and threats (data, information, computers and networks)
  3. Knows how the Internet works (history and infrastructure)
  4. Basic understanding of all security domains, products available and their working principle (IDS/IPS, DLP, MDM, ATP...)
  5. Basics of social engineering tactics


Network security

  1. In-depth knowledge of network protocols and vulnerabilities (MITM, spoofing)
  2. In-depth knowledge of network infrastructure and its working
  3. Basics of network configurations and working (firewalls, routing techniques, packets in motion...)
  4. Basics of public data networks

Transport Layer

  1. Understanding email protocols (SMTP, MIME...)

Coding and OS

  1. Recognize malicious code (general viruses, Trojans)
  2. Aware of secure coding practices
  3. Preferably has some practice with coding languages (C, Java, Perl, Awk, Shell...)
  4. Understanding the security vulnerabilities of the host system and network
  5. Basics of security vulnerabilities in common operating systems (UNIX, Windows, Linux...)
  6. Knows the use of digital signatures and hash algorithms

Encryptions

  1. Aware of the latest hacks and vulnerabilities along with attack methodologies
  2. Understanding the basics of the encryption types used by the organization

Expertise

  1. Expert understanding of internet technologies (DNSSEC, IPv6, VoIP, ATM etc.)
  2. Expertise in analyzing huge databases and log audit trails, able to identify threat trends and frequency
  3. Preferably an idea of basic tools used (cmd.exe, PsLoggedOn, netstat, Fport etc.)
  4. Aware of robots/automated threats (web crawling and SQL injection...)
  5. Simulation of incidents and hands-on training will give practical sense and confidence

*Apart from the above requirements, it is best to have a highly technical person for each technical front; they may have less competent team members whom they can mentor.


Personal Skills:

  1. Management abilities
  2. Stress Handling
  3. Impromptu action
  4. Reasoning abilities
  5. Process defining
  6. Communication skills
  7. Team worker 

Note:

  • Domain experts of certain fields, like applications, network, mail and database, can be a good choice.
  • Consider outsourcing this effort to a consultancy, which results in lower costs as you don't need a team waiting for incidents to take place; rather, you engage them only when affected. However, this must be preceded by references and study.
  • A legal advisor can be of great help in gathering information, recommendations and remediation when an incident/breach takes place.

References: http://ptgmedia.pearsoncmg.com/images/1578702569/samplechapter/1578702569.pdf

https://msisac.cisecurity.org/resources/guides/documents/Incident-Response-Guide.pdf (has warning)

http://www.cert.org/incident-management/csirt-development/csirt-staffing.cfm

http://www.bankinfosecurity.in/incident-response-5-critical-skills-a-4214/op-1

http://books.google.co.in/books?id=lPEgnnKWpmYC&pg=PA14&lpg=PA14&dq=skills+required+for+incident+response+personnel&source=bl&ots=gYCcMcKYYo&sig=J7_Lslvwq48PPnF39Bckjtvp9do&hl=en&sa=X&ei=MIgZVMaFL8iwuAS_rYCYDw&ved=0CEMQ6AEwBQ#v=snippet&q=technical%20skills&f=false


What are the stages of Incident Response

Stages of Incident Response: two commonly cited breakdowns.

Method 1 (7 steps)

  1. Preparation
  2. Identification (with categories based on incident type)
  3. Containment
  4. Investigation
  5. Eradication
  6. Recovery
  7. Follow up

Method 2 (4 steps)

  1. Preparation
  2. Detection and Analysis
  3. Containment, Eradication and Recovery
  4. Post-Incident Activity

--------

http://csrc.nist.gov/publications/nistpubs/800-61rev2/SP800-61rev2.pdf

The incident response plan should include the following elements:

  • Mission
  • Strategies and goals
  • Senior management approval
  • Organizational approach to incident response
  • How the incident response team will communicate with the rest of the organization and with other organizations
  • Metrics for measuring the incident response capability and its effectiveness
  • Roadmap for maturing the incident response capability
  • How the program fits into the overall organization

Procedure elements

Sharing information with outside parties:

  • the media
  • law enforcement
  • other outside parties the incident handling team talks to, e.g. ISPs and software vendors

--

http://csrc.nist.gov/publications/nistpubs/800-61rev2/SP800-61rev2.pdf

Handling an incident (per NIST SP 800-61 rev2):

  • preparation
  • detection and analysis
  • containment, eradication and recovery
  • post-incident activity
  • incident handling checklist
  • recommendations

-----

http://technet.microsoft.com/en-us/library/cc700825.aspx

To run a successful incident response plan, you should:

  • Make an initial assessment.

  • Communicate the incident.

  • Contain the damage and minimize the risk.

  • Identify the type and severity of the compromise.

  • Protect evidence.

  • Notify external agencies if appropriate.

  • Recover systems.

  • Compile and organize incident documentation.

  • Assess incident damage and cost.

  • Review the response and update policies.

---------

http://www.sans.org/reading-room/whitepapers/incident/creating-managing-incident-response-team-large-company-1821

Primary Phases of the CSIRT
a) Identification
   i) Triage Role
   ii) Identification Tasks
b) Containment
c) Eradication
d) Recovery
e) Lessons Learned

---------

Other sources-

http://ptgmedia.pearsoncmg.com/images/1578702569/samplechapter/1578702569.pdf (stages)
https://msisac.cisecurity.org/resources/guides/documents/Incident-Response-Guide.pdf (has warning) [useful url]

http://books.google.co.in/books?id=lPEgnnKWpmYC&pg=PA14&lpg=PA14&dq=skills+required+for+incident+response+personnel&source=bl&ots=gYCcMcKYYo&sig=J7_Lslvwq48PPnF39Bckjtvp9do&hl=en&sa=X&ei=MIgZVMaFL8iwuAS_rYCYDw&ved=0CEMQ6AEwBQ#v=snippet&q=technical%20skills&f=false


 

Current Project Synopsis:

  • Responsible for information security of next generation mobile and fixed broadband networks (LTE/WiFi/FTTx) with all-IP networks over a cloud-based framework for B2C/B2B markets, connecting 200 million 4G LTE and 50 million WiFi/FTTx subscribers in the top 800 cities of India
  • Jio’s seamless 4G services, using FDD-LTE on 1800 MHz and TDD-LTE on 2300 MHz through an integrated ecosystem, aim to provide unparalleled high quality access to innovative and empowering digital content, applications and services.

According to the Verizon 2013 data breach report, 84% of exploits and 69% of data exfiltration happen in less than an hour, so it is critical to have situational awareness, i.e. visibility into activities occurring around the enterprise. Proper deployment of next-generation SIEM (Security Information & Event Management) tools helps to detect attacks sooner and, as a result, react more nimbly.

SIEM solutions provide enterprises with network security intelligence and real-time monitoring for network devices, systems, and applications. Using SIEM solutions, IT administrators can mitigate sophisticated cyber attacks, identify the root cause of security incidents, monitor user activity, thwart data breaches and most importantly, meet regulatory compliance requirements.

Most organizations think that SIEM solutions have a steep learning curve and are expensive, complex and hard to deploy. Here are a few SIEM deployment guidelines and factors you need to consider while evaluating a SIEM tool. The right SIEM solution is one that can be easily deployed, is cost-effective and meets all your IT security needs with a single tool.



SIEM Deployment Guidelines

1. Know what is important to security

  • Security Events
  • Network Flows
  • Server & Application Logs
  • Database Activity
  • Application Contents

2. Know what is important to compliance

  • Identity Content
  • Classification of data
  • Access to data
  • Usage of data

 


Checklist for SIEM Solution Evaluation

1. Log Collection

  • The SIEM tool must sustain the EPS (events per second) rate at which your IT infrastructure sends events
  • Should be able to collect logs from heterogeneous sources (Windows, Unix/Linux, applications, databases, network devices, firewalls, IPS, IDS)
  • Capability for both agent-less and agent-based log collection

2. Real Time Event Correlations

  • Proactively deal with threats based on log search, rules and alerts. Correlation boosts network security by processing millions of events together to detect anomalous activity on the network

3. Log Retention

  • Capability to easily retrieve and analyze log data
  • Should automatically archive all log data from systems, devices and applications to a centralized repository.

4. IT Compliance Reports

  • Out-of-the-box regulatory compliance for PCI DSS, ISO 27001, SOX, HIPAA etc.

5. User Activity Monitoring

  • Out-of-the-box user activity monitoring, privileged user monitoring and audit reporting: know which user performed an action, what the result of the action was, and the source and destination addresses of the systems/devices used.

6. File Integrity Monitoring

  • Capability to monitor business-critical files and folders.
  • Capture details of when files were created, accessed, viewed, deleted, modified, renamed, etc.

7. Log Forensics

  • Capability to track down an intruder or event activity using log search

8. Dashboards

  • Capability to take timely actions & right decisions during network / system anomalies

9. Global Threat Intelligence Feeds

  • Capability to ingest the latest global and carrier-grade threat intelligence feeds so as to proactively manage threats; collaboration among organizations to enhance security
  • Precise solutions for compromised systems and networks

10. Big Data Analytics

  • Capability to forecast threats using big data; accurate analysis of structured as well as unstructured data
  • Constant intelligence gathering to strengthen security
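Items 1 (log collection from heterogeneous sources) and 2 (real-time event correlation) of the checklist are easier to evaluate with a concrete rule in hand. The following Python is an added example, not code from the original post or from any SIEM vendor: it normalizes constructed sshd syslog lines and a constructed key=value export of Windows logon events into one event schema, then runs a single correlation rule over the merged, time-ordered stream: three or more failed logons from one source address within five minutes raises a brute-force alert, and a later successful logon from that address while the failures are still in the window is escalated. The Windows line format is an assumption for the example, not the real EVTX layout; hostnames, users and addresses are made up.

```python
"""SIEM-style correlation over heterogeneous log sources (added example)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log lines. Hosts, users and addresses are made up.
# The Windows lines use an assumed key=value export, not the real EVTX layout.
SAMPLE_LOGS = [
    "2024-03-01T10:00:01 linux01 sshd[2201]: Failed password for root from 198.51.100.7 port 51522 ssh2",
    "2024-03-01T10:00:04 linux01 sshd[2203]: Failed password for invalid user admin from 198.51.100.7 port 51530 ssh2",
    "2024-03-01T10:00:09 win-dc01 EventID=4625 TargetUserName=administrator IpAddress=198.51.100.7",
    "2024-03-01T10:00:15 linux01 sshd[2210]: Accepted password for deploy from 198.51.100.7 port 51544 ssh2",
    "2024-03-01T10:01:00 linux02 sshd[3105]: Accepted publickey for alice from 203.0.113.20 port 40010 ssh2",
    "2024-03-01T10:02:30 win-dc01 EventID=4625 TargetUserName=bob IpAddress=203.0.113.21",
    "2024-03-01T10:03:00 lb01 haproxy[99]: backend web_servers has no server available!",
]

SSHD_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) "
    r"(?:password|publickey) for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)"
)
WIN_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) EventID=(?P<eid>\d+) "
    r"TargetUserName=(?P<user>\S+) IpAddress=(?P<ip>\S+)"
)
WIN_OUTCOME = {"4624": "success", "4625": "failure"}  # Windows logon success / failure IDs


def normalize(line):
    """Map one raw line to the common event schema, or None if the format is unknown."""
    m = SSHD_RE.match(line)
    if m:
        return {"ts": datetime.fromisoformat(m["ts"]), "host": m["host"],
                "user": m["user"], "src_ip": m["ip"], "source": "sshd",
                "outcome": "failure" if m["outcome"] == "Failed" else "success"}
    m = WIN_RE.match(line)
    if m and m["eid"] in WIN_OUTCOME:
        return {"ts": datetime.fromisoformat(m["ts"]), "host": m["host"],
                "user": m["user"], "src_ip": m["ip"], "source": "windows",
                "outcome": WIN_OUTCOME[m["eid"]]}
    return None  # unparsed: a real SIEM should count these, since silent drops hide coverage gaps


def correlate(lines, threshold=3, window=timedelta(minutes=5)):
    """Return alerts as (rule, src_ip, host, timestamp) tuples.

    Rule: >= threshold failed logons from one source address inside `window`,
    across any host or source type, is a brute-force alert; a later success
    from the same address while those failures are still in the window is
    escalated, because that is the case a defender most needs to see first.
    """
    events = sorted(filter(None, (normalize(ln) for ln in lines)), key=lambda e: e["ts"])
    recent_failures = defaultdict(list)  # src_ip -> timestamps of failures inside the window
    alerts = []
    for ev in events:
        ip = ev["src_ip"]
        window_hits = [t for t in recent_failures[ip] if ev["ts"] - t <= window]
        recent_failures[ip] = window_hits
        if ev["outcome"] == "failure":
            window_hits.append(ev["ts"])
            if len(window_hits) == threshold:  # fire once per burst, not on every extra failure
                alerts.append(("brute_force", ip, ev["host"], ev["ts"]))
        elif len(window_hits) >= threshold:
            alerts.append(("success_after_brute_force", ip, ev["host"], ev["ts"]))
    return alerts


def parse_coverage(lines):
    """Count parsed vs. unparsed lines: the collection check from checklist item 1."""
    parsed = sum(1 for ln in lines if normalize(ln) is not None)
    return parsed, len(lines) - parsed


if __name__ == "__main__":
    for rule, ip, host, ts in correlate(SAMPLE_LOGS):
        print(f"{ts.isoformat()} {rule:<28} src={ip} host={host}")
    print("parsed/unparsed:", parse_coverage(SAMPLE_LOGS))
```

On the sample data the rule fires twice for 198.51.100.7 (the third failure lands on the Windows domain controller, which is the point of normalizing both sources first) and stays silent for the single failure from 203.0.113.21; the haproxy line is reported as unparsed rather than silently dropped.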

 

-With Binu Chacko, Head of iSoc(Security Operations Center) & Digital Forensics, Reliance Jio Infocomm on 'SIEM Tools: Implementation Guide and Vendor Evaluation Checklist'



About Project

The scope of the project encompasses business units, support functions, 200+ processes and 8500+ employees. The project was an outcome of the data pilferage risk envisaged in terms of sensitive customer information and financial data. The risk assessment took inputs from various avenues such as internal audits, external audits, risk events and control committees conducted with top management; business requirements were driven by customer expectations.

The overall Project approach:

  • Risk Assessment
  • Management buy-in
  • Business Alignment
  • Budgeting
  • Product Selection / Proof of Concept
  • Solution Deployment and Operations


Checklist to consider in Evaluating and implementing DLP solution


Identify Critical Business Information

  • Right scoping to cover all the critical business processes
  • Defined roles and responsibility matrix
  • Identification of the sensitive information 
  • Laying down the notification and reporting requirements

Policy Definition and Finalization

  • Defining and documenting the policy statements.
  • Configuring the tool with the policy statements.
  • Establish the protocol for the policy violations and related logging.
  • Mapped internet access and external email access to the role profiles to ensure that access is strictly as per business need.

DLP Incident Management Process and Consequence Management

  • Incidents are reviewed by the appropriate incident managers.
  • Incident analysis to determine legitimate use of business information
  • Identify wrong business processes
  • Add new processes to address data loss risks
  • Policy fine-tuning recommendations to be identified

Policy Fine Tuning

  • Based on the findings from the earlier exercise, policies need to be fine-tuned
  • Policy fine-tuning reduces unwanted incidents
  • Helps organizations move the DLP tool from monitoring mode to blocking mode
  • Actionable auditing and policy fine-tuning would be a continuous process

Continuous monitoring and Management Reporting Framework

  • Establish a mechanism to feed the learning back in, to ensure a mature program is in place

-With Dhirendra Kumar, Head BCM and Information Security, Barclays Shared Services on 'Data Leakage Protection (DLP) via email gateway and Regulated Internet access'



The project scope is to perform a security assessment of the current environment of MBE, including the major business processes, operating functions, organizational units and information systems, and a thorough evaluation of the configuration and design of the existing network and systems infrastructure and main servers. Based on the assessment, the desired information security architecture, which protects the information base and aligns with the business processes, needs to be defined and implemented.

Project execution milestones:

1. Study the existing setup and develop the AS-IS document and Critical Success Factors
2. Analyze the AS-IS study and design the TO-BE environment
3. Procure the required hardware and software and implement them in a test environment
4. Analyze the TO-BE environment and realize the achievements based on the Critical Success Factors
5. Conference room pilot setup and demonstration
6. Project go-live and monitoring of the environment; reconfigure to address improvements and performance issues
7. Project roll-out to all sites


[AS-IS] critical security elements:

• Sensitivity of information assets and their threats
• Security strategy, program and management system in place including policies and procedures
• User identity and logical accesses management (identification and authentication mechanisms, procedures for creating, modifying and deleting systems / application accounts and profiles, and account naming conventions);
• Security administration and monitoring
• User awareness, Password Change & Reset procedure
• Password policy (syntax rules, expiration, password history etc.)
• Security controls in Applications/Systems Development & Change processes
• Information and user Classification
• Backup Media Handling and Management
• Physical and environmental security
• Host, application, network and systems and database security
• Workstation and End User Computing Security measures
• Perimeter and remote access security
• Business continuity and contingency planning


[TO-BE] critical security elements:

• Conducted interviews with key staff and decision makers
• Organized workshops during which high level impact assessment was performed, general policy requirements was discussed and strategy was finalized
• Discussed, modified and defined information security management structure, security policy and development process
• Identified and evaluated current policies and standards
• Mapped overall security policy requirements to current security policies
• Performed gap analysis to identify where new policies are required and where existing policies and standards are no longer valid
• Provided recommendations and training regarding the methodology to be used in future to maintain the security policy in a dynamic environment


Solution implemented: 

MBE’s total information base is segregated into broad areas, i.e. Engineering Database, Commercial Data Management, Project Management, Document Management and Mailing System.

Security aspects considered during design:

• Network security
• Host and database security
• Internet systems and services
• Intranet systems and services
• E-mail and messaging services
• Web browsing services
• Portal services and systems
• FTP services
• Remote access services
• Intrusion Detection System through Firewall
• Security Monitoring, logging and Management systems
• Security filters and controls on the network boundaries
• Wireless networks [BYOD was not considered because except Mail, no application is available on mobile devices]
• Identification / Authentication mechanisms for Network, Applications and Systems [Single Sign-on applicable for partial application only]
• User identity and, Logical access Management (procedures for creating, modifying and deleting systems / applications accounts and profile, password procedures and policy implementation)
• Backup Media Handling and Management
• Workstation and End User Computing Security
• Physical and environmental security
• Any other Internet or non-Internet based area

Based on the security aspects mentioned above, the following activities were performed:

• Reconfigured network, system, application and information requirements (including authentication, authorization, integrity and confidentiality)
• Reconfigured / implemented non functional requirements (including performance, capacity, redundancy)
• Designed and implemented architecture model (including Identity management, Access control, information flow controls, network segregation and zoning, naming and IP numbering schemes / strategy, credential repository, auditing, etc).
• Designed and implemented system monitoring and management architecture

Control Mechanism:

• Inventory of Authorized and Unauthorized Devices: Restrict use of unauthorized devices
• Inventory of Authorized and Unauthorized Software: Restrict implementation & use of unauthorized software
• Secure Configurations for Hardware and Software on Laptops, Workstations, and Servers
• Continuous Vulnerability Assessment and Remediation
• Malware Defenses
• Application Software Security
• Wireless Device Control
• Data Recovery Capability
• Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
• Limitation and Control of Network Ports, Protocols, and Services
• Controlled Use of Administrative Privileges
• Maintenance, Monitoring, and Analysis of Audit Logs
• Data Loss Prevention [ Implemented but withdrawn recently because of its performance issue]
• Incident Response and Management
• Secure Network Engineering

The hit rate of attack vectors has come down drastically: attack volume decreased by around 78%.


Learning:

The lessons we learnt are listed below for the reader’s future reference.

A. Identification of information types and the security requirements for each type. The main objective is to classify information and its originating source; this gives clear guidelines for implementing a solution.

B. Knowledge gathering: we have two major sources from which to gather information and enrich our knowledge: libraries/Internet and vendors.

C. Product evaluation: the most important part is evaluating a product. There are many products in the market, but selecting the one that will suit better and is economically viable is a challenge. A POC alone is not the answer, because a POC takes place in a test environment which may not cover all types of issues. Points to consider:
a. Well defined RFQ in place
b. Product manufacturer details and their R&D roadmap shall be analyzed
c. Gap analysis of the product shall be furnished
d. Work-arounds for the gaps shall be demonstrated by the vendors
e. Scope for customization shall be available
f. Support for the product, including customization, shall be available
g. Availability of technical staff
h. Cost of ownership, including recurring cost if any, shall be minimized
i. Scope for version upgrade shall be available and shall not override the customized portion
j. Past performance of the product and its support shall be reviewed
k. POC with maximum data shall be evaluated to surface performance issues
[It was observed that after installing one DLP (endpoint) with a very minimal rule set, performance became a show stopper (installed for only 800+ users). It was so bad that the operation of each PC got stuck; file sharing within the network also stopped and network bandwidth was badly choked. The POC had been done for 300+ users, where it worked fine.]

D. Vendor evaluation: a good quality product may fail to perform if not implemented or configured properly. The implementation partner or vendor plays a major role here. Points to consider:
a. On-time delivery
b. Quality of technical staff / implementers
c. Product functionality and performance
d. Cost of ownership
e. Facility and technology
f. Responsiveness to customer needs
g. Professionalism of salespersons
h. Quality of relationships with the vendor
i. Local presence


-With Pulak Tarafder, A V P (IT), McNally Bharat Engineering Ltd. on Assessing and analyzing Information Security Infrastructure



Achieved Solution Benefits

To mitigate risk

  • Prevent access breaches through privileged accounts
  • Monitor activities carried out by privileged users
  • Enforce accountability for use of generic privileged accounts
  • Enforce granular access restrictions as required by user roles
  • Limit privileges of admin accounts
  • Maintain a complete audit trail of privileged activities (i.e. audit logs / screen recording of every session)



To improve efficiency

  • Reduce the management overhead of maintaining a large number of passwords using a password vault
  • Single Sign On (SSO) for servers/databases/network elements/URLs/thick clients
  • Securely extend access to remote vendors (i.e. OTP-based, time-based access)
  • Audit logs / screen recording of every session
  • Authorization workflow
  • Central reporting & alerting (SMS & email alerts)


To ensure compliance

  • Comply with regulations and standards (SOD principle, ISO 27001 reports)
  • Meet password policy compliance requirements

Solution Evaluation Checklist must focus on functionality, security, vendor profile, integration, ease of implementation and total cost of ownership. Here is a complete comparison of Iraje, CA Control Minder & Arcos and the comparison parameters.


-With Saurabh Kaushik, Head - IT Security, Lupin Group on Privilege Identity & Access Management (PIM) Implementation



Turbo Talks


How the Heartbleed bug was found?

Antti Karjalainen, discoverer of Heartbleed

The Heartbleed bug was a catastrophic vulnerability in the widely used OpenSSL TLS implementation. This talk gives the background of how the Heartbleed bug was found by Codenomicon. The mechanism that initially detected the vulnerability is presented. It also discusses what made the Heartbleed bug so severe, and what kind of factors would have mitigated the consequences of the vulnerability.



Bitcoin Transaction Malleability - An Insight

Daniel Chechik

The bitcoin network vulnerability disturbed the huge bitcoin network. Plenty of trading websites, like Silk Road, MTGox and more, have been victims of "Bitcoin Transaction Malleability". This talk will take you through the vulnerability and how exactly it may be exploited.


5 Real ways to destroy business by breaking SAP Applications

Alexander Polyakov 

Do you know where all the critical data of your company is stored? Is it possible for an attacker to commit sabotage or espionage against your company by breaking into just one of your business critical systems? And if so, what kind of systems could be under attack? Is it easy to break them? Is it a myth that SAP systems can be accessed only internally? Time has come not only to answer all of these questions. This time real examples of different attacks on enterprise business application systems will be shown, based on eight years of research experience in the field. First of all we will cover all possible business risks related to each and every type of system, such as ERP, SRM, HR, Business Intelligence, PLM and industry solutions, so that every high level executive gets a full understanding of what could happen. After that, we will show examples of how easy it is to perform such critical actions in different systems by exploiting vulnerabilities and misconfigurations, from the more business-related, such as abusing SRM systems to win a bid, or fraud in HR systems and salary increases, to more technical things, such as drilling into the corporate network via SAP Portal or delivering backdoors that look like official updates via SAP Router. Our presentation will be the first to show real threats to business during those attacks, with demos of the most interesting ones and a guide to avoiding them from EAS-SEC.


A journey to protect POS

Nir Valtman, discoverer of point-of-sale vulnerabilities

Breaches from Target to other retail chains were all about 'POS'. Point-of-sale vulnerabilities have been at their peak for a while. This talk illustrates POS vulnerabilities from both the retailer's and the software vendor's perspective. Get an insight into how POS devices are compromised, including difficult methods like memory scraping. This talk will demonstrate how POS vulnerabilities work and how threats can be minimized. It will also explain ways to mitigate the risk while you learn the basic concepts and find out which of these actually work.


Intrinsic Leadership

Deb Maes Neuro-Linguistic Master Practitioner & Trainer

This talk illustrates a new effectiveness model for modern leading, a new method of better HR management and how to harness great potential in your human resources. Learn to harmonize thoughts, emotions and intuition to create coherence between your thinking modalities and become grounded and confident in decision making — emerge a better, human-centric leader. The talk includes the cognitive and emotions aspect.



Cyber Safety in Cars and Medical Devices 

Beau Woods - Creator of IOT Security Framework

We are adopting connected, computerized technology faster than we are able to secure it. When this technology is integrated into life and safety systems, bits and bytes meet flesh and bone. We must know, not just hope, that devices with the ability to impact human life and public safety are worthy of our trust. Learn how the safety impacts of merging cyber security with cars and automobiles affect all of our safety. Learn the current state of research and what it tells us about these devices' resilience to accidents and adversaries. Understand why our current approaches to cyber security won't work and, in many cases, will be more dangerous than doing nothing.


The notorious 9 in Cloud Security

Moshe Ferber 

Cloud computing presents major opportunities and benefits for organizations worldwide. It is scalable, flexible and efficient. But along with those major advantages come the threats. Most cloud computing threats and risks are well documented, but we are missing information regarding how those threats can be put into practice in the real world, what attack vectors are used and what the risks and results of those events are. In the presentation we will elaborate on the notorious nine cloud computing threats as described by the Cloud Security Alliance, and for each threat we will provide recent examples of known incidents, the attack vectors used and the damage resulting from the incident. By understanding the risks and case studies, we can better prepare our organization for cloud adoption. Among the recent events we will explore: supply chain attacks, attacks for Bitcoin mining, attacks on the management GUI, API manipulation and more. We will talk about recent incidents such as the Code-spaces.com hack, the Buffer and MongoDB OAuth credential theft, attacks on Twitter and Microsoft and many more.


More Shadow Walker- The Progression Of TLB-Splitting On X86

Jacob Torrey - Discoverer of TLB-Splitting on x86

This talk will cover the concept of misusing the hardware (the x86 translation lookaside buffer) to provide code hiding, how the evolution of the Intel x86 architecture has rendered previous techniques obsolete, and new techniques to perform TLB-splitting on modern hardware. After the requisite background is provided, the talk will move to the new research: the author's method for splitting a TLB on Core i-series and newer processors and how it can again be used for defensive (MoRE code-injection detection) and offensive purposes (EPT Shadow Walker rootkit). This talk will be very high-level but aims to convey the complexities of the hardware and the possible attack vectors at the lowest levels of an organization's IT infrastructure.



Ants and Elephants in the CISO's Office

Paul Raines - CISO, UNDP

I will show how ISO 9001 and ISO 27001 can be used together to deliver business value and demonstrate to executive management and key stakeholders that you are exercising due diligence in protecting your organisation's information assets. The talk will briefly discuss the requirements of the two standards and show how ISO 27001 and ISO 9001 can be used to address both the tactical challenges of information security (the ants) as well as the strategic challenges of delivering business value (the elephants).


Embedding risk assessment into your project workstream

Michael Calderin - Security Officer, Bupa Global Latin America

Position information security more strategically within your organization by managing information risks early in the project lifecycle. A concise Impact Assessment can help you address serious risks at a time when they can be best addressed. Encourage your audience to participate by creating an unobtrusive process that engages the project team and security team and promotes dialog. This has been key in integrating information security into business and IT workstreams and demonstrating that information security personnel can and should be consulted whenever questions arise. With minimal effort, this type of thinking can create major impact for you and your organization.


Application Security Best Practices

Yuval Idan

Cybercrime is rising exponentially and millions are at risk. Yuval Idan, APAC Technical Director at Checkmarx, will be speaking about today's prominent vulnerabilities and how Source Code Analysis (SCA) can help tackle these issues. The main topics of this talk include: integrating security as part of the Software Development Life Cycle (SDLC), learning how to engage developers in the security process and turn them into champions with the help of a Source Code Analysis (SCA) solution, and how to identify and fix security vulnerabilities early to significantly reduce costs. Yuval will demonstrate live how these goals can be achieved.



Actionable Security Intelligence

Derek Manky

Heartbleed and Shellshock are just two of many critical vulnerabilities present in hundreds of thousands of embedded devices connected to the 'Internet of Things'. This talk will give an overview of embedded vulnerabilities, including ones discovered by FortiGuard Labs, to shed light on a much larger issue at stake. This review will highlight the state of IoT security moving forward in 2015. Security strategy will be discussed, including vendor response (PSIRT) and practical protection measures. Heartbleed has subsided and Shellshock is on stage, but many similar vulnerabilities need to be addressed with priority.


Workshops & Trainings (20-21 Nov)


Fuzz Testing Techniques for Discovering Zero Days

Antti Karjalainen (discoverer of Heartbleed)

The workshop gives an introduction to fuzz testing. Common fuzzing techniques are presented, and what makes a good fuzzer is discussed. Different kinds of failure modes that can be triggered by fuzz testing are demonstrated with real-world examples. It is also demonstrated how the triggered failures can be detected automatically by using sophisticated oracles.


Implementing SAP security

Alexander Polyakov (the father of ERPScan)

An SAP system is the heart of any large company; it enables all critical business processes, from procurement and payment to human resources and financial planning. All of the data stored in ERP systems is of great importance, and any illegal access can mean enormous losses, possibly even termination of business processes. Within the last 7 years, SAP security experts have spoken a great deal about various attacks on SAP. Interest in the topic has been growing exponentially. This session will provide practical steps for implementing SAP security in a company from the beginning, based on a real case study at one of the world's largest airlines.



Defending Online Attacks on Cloud Instances

Nir Valtman (discoverer of Point-of-Sale vulnerabilities) & Moshe Ferber (cloud security entrepreneur)

"Cloud instance lifecycles are changing. Instances can launch, process huge amounts of data and terminate, all within a range of minutes.

This life cycle makes traditional security processes such as patches, vulnerability scanning, hardening and forensics impossible due to lack of maintenance time. New methods must be adapted in order to cope with those challenges. Our idea is a technical live demo. For each part of the cloud instance lifecycle (installing, launching, processing, terminating) we show the attacking surface and how we implement the new automated security procedures (automatic patches, encryption of volume storage, automated configuration, log alerting, provisioning encryption keys) in order to reduce the attack surface and eliminate risk."


Overview of Hardware Level Security

Jacob Torrey (discoverer of TLB-Splitting on x86)

In this workshop, a brief summary will be provided on the current state-of-the-art in kernel and hypervisor-level attacks and defenses and how the cat-and-mouse game that is on-going in this field can impact your organization. After reviewing the threat landscape, the discussion will move to mitigation strategies and how to fold defending against these types of attacks into existing business models. A holistic view of the adversary model targeting OS and hypervisors will be provided and ranked against other common threats. The audience should leave this workshop with a better understanding of what is possible, what is common and what they can or should do to protect their organizations.


Building an Incident Management Program

Paul Raines (CISO @ UNDP, ex-OPCW)

The workshop will cover the ABCs of putting together an information security incident response team (ISIRT). It will cover the basics of being able to protect, detect, respond and learn from incidents. Based on industry best practices and the lessons learned from experience, the workshop will provide practical advice on how to develop an effective ISIRT with even limited resources.


Mobile Security

Nilanjan De (CTO, IVIZ), Devesh Bhatt (prominent security researcher)

This talk will explain the mobile security architectures of various platforms. It will take you through the attack surfaces and how they vary based on the security architecture of each platform. Next, learn the basics of building secure apps and testing mobile apps, along with the tools and technologies used to implement them.


Top Technical Talks
  • How the Heartbleed bug was found?
  • Elliptic key cryptography
  • Hacking Cars, Elevators, Home Automation Systems
  • Hacking Traffic System and Public Infrastructure
  • Summarizing the best research around the world
  • Breaking Cryptography using CPU sound
  • Recent Security Flaws in SDN
  • Deep dive into DDOS mitigation
  • OS-INT to secure your organization
  • Deep Inside big data Analytics
  • Inside machine learning: What’s possible and what’s not?


Top Security Management Sessions
  • Technology evaluation checklist for various technologies (Vulnerability Management, SIEM, IAM, DLP, BYOD, GRC … total 20 Domains)
  • Top ways by which SIEM implementation fails
  • Top ways by which IAM fails
  • Building Security metrics and scoreboards
  • Daily, weekly and monthly checklist for a CISO
  • Incident handling checklist: How to respond to a hack?
  • GRC and Risk Management workshop
  • Building a Security maturity model
  • Security Metrics and Analytics Dashboard
  • Incident collaboration across industry
  • BYOD/Mobile security technology taxonomy
  • Managing board: The CISO way
  • How to manage the risks of the role of CISO?
  • Sharing failures.. (I fail therefore I am)

Top Leadership Sessions
  • The science of building and breaking habits
  • Entrepreneurship basics for a CISO
  • Stress Management using the power of language
  • Ten ways to build your professional brand
  • Start with a why: The art of convincing
  • Top TED Talks for CISOs
  • Happiness: Most recent researches and discoveries
If you have any feedback on the topic please leave your comment below or email pritha.aash@cisoplatform.com
Read more…

CISO opinion in Global Round Table and Breakfast meet

Meet, meet and meet: for the last few weeks all we've done is meet you and try to help you better. Your views shape us, and those many views needed a To-Do List, which is right here. We are grateful for each of your contributions and hope to have more of these exciting sessions again soon.

Quick event meets:

  • New York CISO Platform Breakfast Meetup (15th August)
  • San Francisco CISO Platform Breakfast Meetup (14th August)
  • Los Angeles CISO Platform Breakfast Meetup (11th August)
  • Las Vegas CISO Platform Breakfast Meetup (6th August)
  • Mumbai CISO Platform Breakfast Meetup (24th July)
  • Delhi CISO Platform Breakfast Meetup (25th July)
  • CISO Handbook Meetup on "DLP & Data Security" and "Advanced Cyber Security Threat Protection" (13th August) [sponsored by Websense]
  • Bali CISO Platform Meetup (4th September)

CISOs were very enthusiastic and shared their views on various aspects, such as their current obstacles. Below is the best of all these discussions at a glance.

Topics CISOs are Interested in:

  1. Corporate espionage
  2. Business and security alignment-sensitizing
  3. Board level communication
  4. Template to derisk-cya
  5. Acceptable risk communication and sign off
  6. Evaluation checklist
  7. Handling audit and auditors- jwt
  8. Handling consultants - satish
  9. Latest tools and technologies-comparison
  10. Taxonomy
  11. Mobile security-hacking
  12. Live - Demo of products,hackers and social engineering
  13. Masking of phone
  14. Csr for ciso
  15. Open source tools repository
  16. Work life balance
  17. Forensics- case studies of frauds
  18. Utilities security - electricity
  19. How do I protect my computer phone?
  20. How to do mssp business in usa?
  21. Governance for cloud vendors- sla
  22. Thought leadership in appsec
  23. Cost optimization for security
  24. Not getting logs from the vendor
  25. Controlling internet bandwidth
  26. Erp security
  27. Securing retail supply chain
  28. Connecting small office - securing
  29. How to get appliance testing? Best practices: what should I do before I get an appliance into my network?
  30. New tech to protect cloud
  31. Data security for eprocurement:
  32. Erp customization security
  33. Third party coding or vendor risk
  34. Vendor locked! - code changes and security
  35. Cyber defense- setting tolerance
  36. Mobile security enterprise framework:
  37. Legal framework universally acceptable for security
  38. Minimum requirements from government
  39. Knowing your cyber liabilities
  40. Cyber assurance for security
  41. Innovations in security
  42. Negotiating licenses and contracts
  43. Moderated discussions: focused topics

Ideas of Engagement:

  1. Sharing content on website
  2. Weekly, monthly, weekly checklist for ciso
  3. Selling security- case studies
  4. Art of living or meditation
  5. Topic for month-ask the community
  6. Certification-checklist
  7. Subject matter expert -breakfast
  8. Open source appsec testing tools
  9. Government level compliance or checklists for data on cloud for other vendors
  10. Meetup.com and linked.in
  11. Any of your customers (BYOC), invitation
  12. At somebody's office
  13. Museum or interesting place
  14. Fs-isac (heads)
  15. Bill sieglien - breakfast (ciso executive network)
  16. Breakfast club (pay money)
  17. Get intro for isac and bill (kispert)
  18. Kispert- top 100 ciso email (draft)
  19. Only CISO
  20. First 90 days for a CISO
  21. Maslows law
  22. Paul martin
  23. Securosis
  24. John orison- tim tech
  25. Chin lady (2)
  26. Dlp, ids,
  27. Invite for cp annual summit
  28. Email- invite, advisory
  29. sujeet and garrett (advisors+invite to speak+send meeting notes+invite to join)

Feedback on CISO Platform Index(CPI):

  1. When is the rating done? How recent is the product?
  2. Ciso satisfaction index
  3. Version and date of purchase

Key notes on content ( uncategorized )-

  1. How well am I doing as a CISO?
  2. 90 days plan to get started
  3. Cmm model for security
  4. Lonely ciso: 1 man shop
  5. Security on a shoestring


Read more…

What CISOs Want

1. How to do a better vendor evaluation?

  • Know both success and failure stories.
  • A strong network among CISOs for sharing failure stories.
  • A common checklist for vendor evaluation should be made once we are aware of the success and failure stories. The checklist should be shared online.

     (Update: CISO Platform has already started executing this project.)
  • Creating a superset of features, deciding which ones are more important and then mapping the vendors against it would be a good solution.
  • It is important to understand the gaps between pre-sales and marketing commitments and the real commitment from the technical team.
  • During customer reference checks, ask about both the vendor and the partner experience.
  • Doing a weakness check with other competing vendors, apart from customer references, can be very helpful in collecting intelligence. However, this needs to be done with caution, since competitors may not always convey the true weaknesses of the others.
  • The CISO Platform Index, once initiated, would prove to be the best source for customer success/failure stories.

2. What do you expect from vendors in their marketing process?

  • Vendor product presentations should not have hidden costs. Sales persons should be transparent and upfront with all costs.
  • A technical person who knows how the product works should accompany the sales person, so that he can address the technical queries of CISOs.
  • Vendors should take ownership of the implementation and customer success.
  • Vendors should highlight both the advantages and drawbacks of their products.
  • Vendors should let their customers speak.
  • Vendors should align their marketing to the specific domain/industry rather than keeping it generic.
  • Vendors should demonstrate their products in action instead of giving static presentations. They should create labs and demonstrate the product in real action.
  • Vendors should stay engaged both during the pricing of the product and throughout the life-cycle of the product.
  • What value are they adding to a CISO's journey to success? Are they willing to walk along with the CISO?
  • Vendors should focus on a good support infrastructure (after-sales service as well as relationship management) for product success.

What other things do you think are needed for a vendor evaluation? Tell us what you think in the comments below.

Read more…


This is the second compilation of Best of Defcon 22 at a glance. The following links lead to the respective complete PPTs.

Important Note:

  • All presentations are courtesy of Defcon and are presented as-is without any modification
  • Some of the descriptions below are taken from Defcon website (www.defcon.org)
  • You need to Sign in/Sign up to view the presentations. (It's free)

Hacking US (and UK, Australia, France, etc.) traffic control systems

Traffic signals seem easy to mess with, even though we realise the results can be miserable. The speaker found out which major devices are used by the traffic signals in various cities and countries (Washington DC, Seattle, New York, San Francisco, Los Angeles, UK, Australia, France etc.), hacked them, found vulnerabilities and showed how they can be exploited. Learn it from scratch (with testing demos) in this talk.

Click here to view ppt.

Don't DDoS Me Bro: Practical DDoS Defense

DDoS may have been a nightmare recently, and you have felt its waves multiple times, including the attack on Evernote. How to defend, and what to do when you are DDoSed, is exactly what this talk covers. It also shows how to keep your defence low-budget with the right tools and techniques, and how to analyse an attack.

Click here to view ppt.

Protecting SCADA from the Ground Up

From electricity to water distribution, ICS (Industrial Control Systems) and SCADA are everywhere. Their Internet connectivity keeps increasing, so their protection is crucial. This talk tells us how to best protect these infrastructures by getting into the system, understanding how it works and where it goes wrong.

Click here to view ppt.

Optical Surgery: Implanting a DropCam

Dropcam users may want to know that malicious software can be installed on the device and someone might just be tapping into your video stream. Dropcam is a cloud-based Wi-Fi video monitoring service that lets you stay connected from anywhere. This talk demonstrates complete takeover of a Dropcam and manipulation of its 'brain'. Your tracker can see you, hear you and probably much more.

Click here to view ppt.

Client-Side HTTP Cookie Security: Attack and Defense

HTTP cookies: everyone has many. But how do they help or harm? This talk explores the popular browser cookie-storage mechanisms, how cookies can get stolen and, of course, how you can prevent that from happening. Your cookie might just have given away your carefully chosen special-character password, or let someone bypass your two-factor authentication.

Click here to view ppt.

Acquire Current User Hashes without Admin Privileges

User-level access is no longer a limit after this talk: any such user can now obtain admin privileges. How? The new technique is in this talk. A design flaw in the Windows SSPI implementation proves to be fatal.

Click here to view ppt.

VoIP Wars: Attack of the Cisco Phones

Using Cisco VoIP Solutions? They may be vulnerable to attacks like VLAN attacks, SIP trust hacking, Bypassing authentication and authorisation, Call spoofing, Eavesdropping and many more. This talk covers some of the basic hacks including brute force attacks, Skinny and SIP signalling attacks, 0day bypass technique for call spoofing and billing bypass etc.

Click here to view ppt.

Detecting and Defending Against A Surveillance State

Not so long ago we were all wondering, "Are we being spied on by the state?" This talk will allow us to find out whether we are being spied on and to detect the hardware bug, firmware etc. that is doing so.

Click here to view ppt.

Check your Fingerprints: Cloning the Strong Set

A GPG-focused session with all the facts you need to avoid being broken. That even fingerprints may not keep you safe, that the widely used GPG UI is broken, and that key servers not using SSL are open to MITM and DNS attacks can all be eye-openers. If you use GPG, this talk is a must for you!

Click here to view ppt.

Abusing Software Defined Networks

SDN (Software Defined Networking) is known to have the potential to make a great difference in the Internet world. However, its present implementations are highly vulnerable to attacks such as protocol weaknesses that could lead to information leaks, MITM and DoS attacks. This talk runs through the weaknesses and how to protect against them.

Click here to view ppt.

Mass Scanning the Internet: Tips,Tricks,Results

With a working knowledge of nmap, this talk will teach you how to scan the Internet. Thinking of 'devices vulnerable to Heartbleed or the D-Link router vulnerability'? It covers everything from the ISP you need to the friendly tools and how to avoid the mess. The vast sea of undiscovered knowledge can now be explored; whether for fun or precaution is yours to choose.

Click here to view ppt.

POS Attacking the Traveling Salesman

Targeting international passengers, POS systems can give away useful information such as name, picture, flight number, destination, seat number etc. Even though this is not about exploiting commercial POS details like credit card credentials, this information can be exploited to gain unauthorised access to airport data and in many other ways. This talk focuses on transport (airline) POS.

Click here to view ppt.

Dropping Docs on Darknets: How People got Caught

Using Tor? Looking to obfuscate your traffic source? Through cases where people tried and still failed, this talk lays bare the reasons they got caught and how you can prevent that from happening.

Click here to view ppt.

Practical Foxhunting 101

Finding wireless emitters (foxhunting) in the current environment can be fairly easy, even with no special device. This talk tells you how, covering everything from antennas and radios to visualisation software.

Click here to view ppt.

From Raxacoricofallapatorius With Love: Case Studies in Insider Threats

This talk unfolds the story of insider threats- their potential signs, what inspires them and how to be aware. It will lead you through interesting examples of honey pots, encryption etc.

Click here to view ppt.

RF Penetration Testing, Your Air Stinks

Security professionals normally use only a few effective RF tools, procedures and tactics when conducting repeatable RF penetration tests. This talk methodically lays out the process from finding the RF emitters in the environment to identifying vulnerabilities and then exploiting them. It also recommends software and hardware, so newcomers can be comfortable.

Click here to view ppt.

>> Don't Miss "Part 1" of this Blog: Click here to read more!

Read more…

14 Things to Consider While Defining a GRC Framework

The Information Security function had to be aligned to the Risk Management function to provide independence by separating Infosec governance and Infosec operations responsibilities. Enhancement of the policy focused on wider and strategic modifications, faster adoption of emerging technologies and empowering all stakeholders.

(Read more:  Top 5 Big Data Vulnerability Classes)

Key learning:

  1. While defining the policy, the objective was also to remove subjectivity.
  2. Empower businesses to define and own 'risk', enabling productivity and efficiency in decision making.
  3. Define "Risk Control Self Assessment" wherever possible, with templates and checklists supported by appropriate guidelines.
  4. Focus on employee empowerment with increased responsibility, and at the same time ensure technology tools keep constant vigilance to prevent unintentional or intentional incidents.
  5. Keep a balance between empowerment and security.
  6. Along with empowerment, define measurement metrics ("Key Risk Indicators", "Key Performance Indicators") that help measure the security levels of all business units uniformly and integrate the risk score with business risk.
  7. Define a modular SOA (Statement of Applicability) for each business unit to ensure their respective regulator's requirements are met, and so that business units are free to add/modify/delete controls to meet their security obligations.
  8. Define separate security governance and security operations to build objectivity into the system, so that custodians of data are no longer controllers of data but enablers of data sharing.
  9. Define the revised policy to be technology agnostic, addressing business as well as technology and regulatory requirements, and adhering to key industry standards.
  10. Define an integrated information security policy as part of the business process, with increased involvement of business users through RCSA (Risk Control Self Assessment), to build transparency and self-awareness about risk levels.
  11. Define accountability for each individual's own actions and performance metrics.
  12. Define a strong monitoring system for end-user activity as well as from a network access perspective.
  13. Consider BYOD and Cloud as market trends towards mobility and flexibility while defining the policy.
  14. Establish a strong security management framework for managing new technology developments.

Establish GRC (Governance, Risk and Compliance) framework to build visibility and better governance.

- With Anuprita Daga, CISO, and Umesh Parshetye, IT Strategist, Reliance Capital Ltd., on 14 Things to Consider While Defining a GRC Framework

(Read more:  Cyber Safety in Cars and Medical Devices)

Read more…

Defcon 22, the largest conference for hackers with 15,000 attendees, saw some of the most interesting research in the field of security and hacking. From hundreds of talks, we have handpicked the top presentations that are relevant for security managers and leaders.

Important Note:

  • All presentations are courtesy of Defcon and are presented as-is without any modification
  • Some of the descriptions below are taken from Defcon website (www.defcon.org)
  • You need to Sign in/Sign up to view the presentations. (It's free)

Elevator Hacking: From the Pit to the Penthouse

Elevators have played a key role for hackers and pen testers alike. An in-depth look at how elevators work, allowing a greater understanding of the system and how sometimes unexplored features can leave serious threat exposure.

Click here to view ppt.

Weaponizing your Pets: The War Kitteh and the Denial of Service Dog

A walk through how the tracking works for your cat and dog, and thus the creation of the War Kitteh and the Denial of Service Dog. The presentation takes you through every step and tells exactly what works and what doesn't. For example: 'Cats are very tough to work with'.

Click here to view ppt.

One Man Shop:Building an effective security program all by yourself

Learn the process from "Step 1" to an effective security program in a cost-effective and resource-constrained manner. It is based on real-world experiences and introduces a multi-year approach to methodologies, techniques, and tools.

Click here to view ppt.

Instrumenting Point-of-Sale Malware

Encourages the adoption of better practices in the publication and demonstration of malware analyses. It proposes borrowing the concept of "executable research" by supplementing written analysis with material designed to illustrate the analysis using the malware itself, which helps analysts do in-depth research. It also talks about going a step beyond traditional sandboxes: bespoke virtual environments and scripted instrumentation with commentary can supplement written reports, making the malware analysis more sound and more useful to others.

Click here to view ppt.

Burner Phone DDOS 2 dollars a day : 70 Calls a Minute

Research on DDoS by phone! The proof-of-concept model is the SCH-U365 Qualcomm prepaid Verizon phone. Custom firmware can convert it into a DoS system that spam-calls a number 70 times a minute until the battery dies, with automatic retrieval of phonebook numbers via the speaker. Evasion methods including PRL list hopping are also used.

Click here to view ppt.

Bypass Firewalls, Application White Lists, Secure Remote Desktops under 20 Seconds

"Imagine a scenario, where you have deployed a malware on a user's workstation, but the target information is on a secure server accessed via two-factor authentication, with screen access only (e.g. RDP, Citrix, etc.). On top of that, the server runs application white-listing, and only the inbound port to the screen server (e.g. 3389) is allowed through the hardware firewall. But you also need persistent interactive C&C communication (e.g. Netcat, Meterpreter, RAT) to this server through the user's workstation." Two developments are offered: the first tool can drop malware to the server through the screen while the user is logged in. The second tool can help you circumvent the hardware firewall once code can be executed on the server with admin privileges (using a signed kernel driver).

Click here to view ppt.

The Dangers of Insecure Home Automation Deployment

A dissection of the reverse engineering of the KNX/IP home automation protocol; a description of the deployment flaws; blueprints on how to create an iPad Trojan to send commands outside the hotel; and, of course, solutions to avoid all these pitfalls in future deployments.

Click here to view ppt.

Touring the Darkside of the Internet. An Introduction to Tor, Darknets, and Bitcoin

An introductory-level talk covering the basics of Tor, darknets, darknet marketplaces, and Bitcoin, with some recommendations to help make the use of Tor, Bitcoin, and marketplaces more secure.

Click here to view ppt.

A Journey to Protect Points-of-Sale

Learn how points-of-sale get compromised from both the retailer's and the software vendor's perspective, and why some concepts work while others don't.

Click here to view ppt.

Attacking the Internet of Things Using Time

Internet of Things devices, being slow and resource-constrained, are easy targets for network-based timing attacks that allow brute-forcing of credentials. This talk explores how timing attacks work, how they are optimised and how to handle the various parameters of exploitation.

Click here to view ppt.

From ROOT to Special: Pwning IBM Mainframes

1.1 million transactions are run through mainframes every second worldwide. Yet mainframe security is neglected. This presentation tears open mainframe security: it visits root, exploits it with existing tools and uses it to develop new tools.

Click here to view ppt.

Am I Being Spied On? Low-tech Ways Of Detecting High-tech Surveillance

There's that eerie feeling when someone spies on us. Stop that! This talk will teach you several low-tech ways to detect even high-tech surveillance. Topics covered: surveillance cameras, physical surveillance, detecting active and passive bugs, and devices implanted inside computers, tablets, and cell phones.

Click here to view ppt.

Cyber-hijacking Airplanes: Truth or Fiction?

This presentation examines in depth the mechanisms of an airplane to justify the claims of cyber-hijacking airplanes. It assumes no prior knowledge, beginning from fundamentals and leaving you with a better understanding of ADS-B, ADS-A, ACARS, GPS, transponders, collision avoidance systems, autopilots, and avionics networking and communications. Several important aircraft technologies are examined.

Click here to view ppt.

Hacking 911: Adventures in Disruption, Destruction & Death

Emergency medical services (EMS) are what we trust today to safeguard the lives of our loved ones. But the tide of time and technology has left them 20 years behind and obsolete. The security of such critical systems has not been critically watched. This talk will tell you how it can crash.

Click here to view ppt.

>> Don't Miss "Part 2" of this Blog: Click here to read more!

Read more…

'Development of enterprise level Information Security Policies, Procedures and Standards' was an initiative to ensure we have enterprise-wide policies, procedures and standards for smooth governance and compliance of information security practices. Standards based on industry benchmarks such as CIS, NSA and NIST help an enterprise configure, implement, manage and monitor a robust infrastructure and best security practices through business-approved policies and procedures. Through this project, we are coming up with policies, procedures and technical control standards that streamline and strengthen the implementation of Operating Systems, Databases, MS Office / Exchange environments, Server Infrastructure, Network/Firewall Infrastructure, Virtual Machines, Remote Access, Mobile Technologies, Secure File/Data Transfers, Encryption, Access Management, Incident Management, Business Continuity Management etc.

( Read more: Security Technology Implementation Report- Annual CISO Survey )

Checklist for Technology/Vendor/Solution Evaluation:

• Ensure the company is registered with/subscribing to one or more industry standards/benchmarks, e.g. Center for Internet Security (CIS), National Institute of Standards and Technology (NIST), National Security Agency (NSA) etc.

• Ensure an Information Security Policy Framework is in place that describes the company strategy to have:

  • Information Security Policies
  • General security controls that are applicable across the enterprise
  • Technical control areas that are applicable across the enterprise
  • Processes and procedures required for adopting some of the technologies/standards

• Understand the current enterprise implementations, documentation, policies, procedures and other artifacts in place.

The infrastructure:

  • Types/kinds of servers
  • Different OSes implemented
  • Network/Firewall solutions in place
  • Databases being used
  • Virtualization strategy
  • Data Loss Prevention controls/tools in place
  • End-points being used
  • Strategies for desktop/laptop/mobile device encryption
  • Incident Management in place
  • Access and authentication management in place
  • Business Continuity / Disaster Recovery Management

• Define the team structure involved in policy development, review, testing, approvals etc. E.g.:

  • Identify/register/subscribe to industry standard benchmark providers
  • Identify the authors/contributors and policy developers within the organization, or hire an expert agency to develop the policy framework/policies etc.
  • Identify the SMEs (Subject Matter Experts) who would be involved in reviewing all of the documents being developed
  • Identify the SMEs and technical teams who would be involved in thoroughly testing all of the controls/policies being documented
  • Identify the business approvals. Ensure the right stakeholders are involved in approving the different sets of documentation mentioned above

( Read more:   How Should a CISO choose the right Anti-Malware Technology? )

Key Learning: Do's and Don’ts

  • Ensure an information security strategy/program is in place
  • Ensure an information security policy framework is in place
  • Ensure registration/subscription to industry standard practices and benchmarks
  • Ensure every policy/procedure/control/standard document is thoroughly reviewed and approved by SMEs
  • Ensure every control in these documents is tested to fit the business requirements and the security practices/strategies of the company
  • Avoid the temptation of covering the entire universe in the policies, procedures, controls and standards. The industry benchmarks/standards generally cover the entire gamut of a topic; it is key to understand what is relevant to the business and the security strategy of the company, and to implement only that much as a policy or a standard.

- With Mahesh Sonavane, SunGard Global Technology, on How To Evaluate Compliance Solutions



With most enterprises now conducting business on the Web, it has become more crucial than ever that the experience is rich and responsive. Often these two goals conflict. How do you ensure a robust, interactive experience without sacrificing page-loading speed? How is it that some of your competitors are able to deliver dynamic content and rich Internet applications (RIAs) and still have sub-second load times? The answer comes in two parts: best practices for you (addressed in this report), and best practices for your application development colleagues (addressed in part two of this series). 

>>Download the Complimentary Forrester Report

What's in the report?

  • Impatience Is Your No. 1 Competitor
  • Web Performance Best Demonstrated Practices
  • Best Practice No. 1: Measure Early And Often
  • Best Practice No. 2: Cache Smart And Cache Often
  • Best Practice No. 3: Architect For Scale Out
  • Best Practice No. 4: Partner With Application Development Professionals
  • Forrester’s Web Performance Next Practices
  • Web Performance Optimization Never Stops, But The Infrastructure Might
  • Identifying Your Challenges
  • Case Studies
  • Supplemental



This is a Sponsored Report by Akamai


A Vulnerability Management System was implemented as a practice within the organization across the Global Business Unit (India, Middle East & Africa). The implementation included vulnerability assessment and remediation. The assessment is based on severity levels (actual and potential) obtained through vulnerability scanning of all devices connected to the Internet, Intranet and Service Network. A Weighted Intrusion Rate (WIR), computed through a formula, gives a value for each of these networks that is required to stay below a pre-decided threshold. These values provide the vulnerability status for the region and thus also form the KPI for this assessment. The project was completed over a period of three months after elaborate testing and assessment. The implementation improved the efficiency of the security team in terms of reduced time, effort and cost, and the formation of a Vulnerability Monitoring Team made the practice more effective by reducing the time taken to remediate vulnerabilities.


 

Checklist for Vendor Evaluation:

Experience shows that no single vendor provides solutions for all the components that can support a vulnerability management system. Therefore, before deciding on a tool, its capabilities and shortcomings must be well understood. A sample checklist that can help during evaluation is as follows:

  • Asset Management: The capabilities and limitations of the technology to provide an asset inventory database, extend it with additional fields, or integrate with other asset management repositories
  • Versatility: Ability of the technology to operate across the series of Windows OS versions and across diverse platforms, applications and devices
  • Ability to Aggregate: The product must be inter-operable with other security technologies, including Internet Security Systems, e.g. IIS Scanner, MS MBSA, Nessus, Foundstone, Retina, BindView etc. In other words, the product should be able to aggregate vulnerability data from multiple and dissimilar sources
  • Vulnerability references: The technology should be able to identify the source of its information and comply with Common Vulnerabilities and Exposures (CVE)
  • Ranking: The tool should be able to rank/prioritize remediation efforts
  • Enforcement of Policy: The product should be capable of designating the identified remediation at different enforcement levels, i.e. from mandatory (needed) to forbidden (acceptable risk), through an interface that is centralized and policy-driven
  • Management of remediation groups: The tool should permit grouping of systems in order to manage remediation and control access to devices
  • Remediation: The product should be able to tackle vulnerabilities induced by system misconfiguration and vulnerabilities arising from inappropriate patches. E.g. deploying changes to the OS or applications such as disabling/removing accounts (i.e. accounts with no password or no password expiration), disabling and removing unnecessary services, deploying patches on the OS or applications, and the ability to harden services such as NetBIOS, anonymous FTP, hosts.equiv etc.
  • Integration Capability: The ability of the product to include or integrate with existing patch management tools
  • Maintain distributed patch repository: The product's capability to load-balance and distribute the bandwidth associated with patch distribution across repositories installed in various strategic locations
  • Patch Installation Failure Info: The tool should be able to report if a patch installation has been unsuccessful or needs re-installation
  • System of Workflow: The product should follow a workflow system that assigns and tracks issues. It should be able to assign tickets automatically based on defined rule sets (e.g. vulnerability, owner, asset classification etc.) and interface with other products such as Remedy, HP Service Desk etc., which are common corporate workflow products
  • Usability: The tool should be able to participate actively in network services with minimal or no impact on business operations, with an intuitive user interface
  • Report Generation: The tool should be able to generate reports determining the remediation success rate and trending remediation efforts. The reports generated must be detailed and customizable
  • Appliances: It must be known whether the tool is software- or appliance-based. A software-based solution is affordable and may be able to operate on existing hardware, reducing upfront capital expenditure, while appliance-based solutions provide performance and reliability advantages
  • Deployment of Agents: The application's deployment of agents and its capability to leverage existing agents on the system, plus the capability to deploy these agents simultaneously on a group of assets to reduce deployment constraints
  • Standard Configuration: Availability of predefined security configuration templates to assess the technology, as in some cases defined templates support regulatory requirements like SOX, HIPAA and the ISO/IEC 27000 series
  • Vulnerability Research Team: The vendor must have its own vulnerability research team and should be an active participant in the security community via the identification and release of security vulnerabilities. The vendor must practice responsible disclosure. The vendor must release checks for vulnerabilities it has discovered prior to the OEM remediating them. Also consider the methodology the vendor adopts to respond to vulnerabilities in its own products
  • Frequency of vulnerability update releases: Frequency of release of vulnerability updates by the vendor and their distribution. The distribution mechanism must leverage industry-recognized secure communication protocols
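Two checklist items above (aggregating vulnerability data from dissimilar sources keyed by CVE, and ranking remediation) and the per-network severity-weighted KPI from the implementation summary are illustrated together in the following Python, which is an added example for this page and not the tool or the WIR formula used in the original project. The two scanner exports are constructed sample data; the severity weights, the per-host normalisation and the per-network thresholds are assumptions, since the post does not state its formula.

```python
"""Aggregate findings from two dissimilar scanner exports, key them by CVE,
rank them for remediation and compute a severity-weighted rate per network.

Added example for this page, not the tool or the WIR formula used in the
original project. Severity weights, per-host normalisation and thresholds are
assumptions (the post does not give its formula).
"""
import csv
import io
import json
from collections import defaultdict

# Constructed sample exports standing in for two "dissimilar sources".
SCANNER_A_CSV = """host,network,cve,severity
10.0.1.5,Internet,CVE-0000-0001,High
10.0.1.5,Internet,CVE-0000-0002,Medium
10.0.2.7,Intranet,CVE-0000-0003,Low
10.0.3.9,Service,CVE-0000-0004,Critical
"""

SCANNER_B_JSON = json.dumps({"results": [
    {"ip": "10.0.1.5", "zone": "Internet", "refs": ["CVE-0000-0001"], "risk": 4},
    {"ip": "10.0.1.6", "zone": "Internet", "refs": ["CVE-0000-0005"], "risk": 2},
    {"ip": "10.0.2.7", "zone": "Intranet", "refs": ["CVE-0000-0003"], "risk": 1},
    {"ip": "10.0.2.8", "zone": "Intranet", "refs": [], "risk": 3},  # no CVE id
]})

SEVERITY_WORDS = {"low": 1, "medium": 2, "high": 3, "critical": 4}  # common scale (assumed)
WEIGHTS = {1: 1, 2: 3, 3: 7, 4: 10}                                 # assumed weight per level
THRESHOLDS = {"Internet": 5.0, "Intranet": 8.0, "Service": 5.0}    # assumed per-network limits


def parse_scanner_a(text):
    """Yield (host, network, cve, severity_level) from the CSV-style export."""
    for row in csv.DictReader(io.StringIO(text)):
        yield row["host"], row["network"], row["cve"], SEVERITY_WORDS[row["severity"].lower()]


def parse_scanner_b(text):
    """Yield the same tuples from the JSON-style export. A result without a CVE
    reference still registers the host (cve=None) but cannot be merged."""
    for r in json.loads(text)["results"]:
        if not r["refs"]:
            yield r["ip"], r["zone"], None, 0
        for cve in r["refs"]:
            yield r["ip"], r["zone"], cve, int(r["risk"])


def aggregate(*sources):
    """Merge findings keyed by (host, cve), keeping the highest severity reported.
    Returns (findings, host_network); host_network covers every host seen."""
    findings, host_network = {}, {}
    for src in sources:
        for host, network, cve, sev in src:
            host_network[host] = network
            if cve is None:
                continue
            findings[(host, cve)] = max(sev, findings.get((host, cve), 0))
    return findings, host_network


def rank(findings):
    """Remediation order: highest severity first, then CVE id and host for a stable list."""
    return sorted(findings.items(), key=lambda kv: (-kv[1], kv[0][1], kv[0][0]))


def weighted_rate(findings, host_network):
    """KPI in the spirit of the post's WIR: sum of severity weights in a network
    divided by the number of hosts scanned in that network (assumed definition)."""
    hosts = defaultdict(set)
    for host, network in host_network.items():
        hosts[network].add(host)
    total = defaultdict(float)
    for (host, _cve), sev in findings.items():
        total[host_network[host]] += WEIGHTS[sev]
    return {net: total[net] / len(members) for net, members in hosts.items()}


def status(rates, thresholds=THRESHOLDS):
    """Compare each network's rate with its threshold."""
    return {net: "OK" if rate <= thresholds[net] else "ABOVE THRESHOLD"
            for net, rate in rates.items()}


if __name__ == "__main__":
    f, hn = aggregate(parse_scanner_a(SCANNER_A_CSV), parse_scanner_b(SCANNER_B_JSON))
    for (host, cve), sev in rank(f):
        print(f"severity {sev}  {cve}  {host} ({hn[host]})")
    rates = weighted_rate(f, hn)
    for net, verdict in status(rates).items():
        print(f"{net}: {rates[net]:.2f} -> {verdict}")
```

The result with no CVE reference is counted as a scanned host but never merged, which is the practical reason the checklist asks that a tool comply with CVE: without a common identifier the same issue reported by two scanners cannot be de-duplicated, and the rate for that network is inflated.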

 

- With Murli Menon, Atos, on How To Evaluate Vulnerability Management System Vendors


>>Download the Complimentary Forrester Report

Why Read This Report

Over the past decade, infrastructure and operations (I&O) teams have focused large amounts of resources on making their customer-facing websites blazingly fast because website experience had a direct correlation to customer satisfaction and revenue. The introduction of cloud, virtualization, and mobility has expanded the number of types of revenue-producing applications, which means that I&O teams need to optimize a much broader set of user experiences. The new business environment has narrowed the period between change; data, users, and applications are in constant motion; personal and business resources are no longer separate; and now there are mobile, web, traditional, and hybrid applications traversing the network. Thus, providing a network that can handle all of these elements is extremely complex. This report focuses on the networking technologies available to meet this challenge — principally application delivery controllers (ADCs), content delivery networks (CDNs), front-end optimizers (FEOs), load balancing, security services, and wide area network (WAN) optimization — and the best ways to deploy them to optimize the user experience.

Key Learnings:

  • Moving Beyond Blazing-Fast Websites
  • Business Acceleration Solutions Optimizing User Experiences
  • Pitfalls To Avoid In Combining Acceleration Technologies


"A network architecture that focuses on monitoring, controlling, and optimizing the quality of user experience."

Fig - Application Acceleration Technologies Merging Into Business Acceleration Services


How To Evaluate Network Security Vendor

As per the IT Security Audit report of Ernst and Young, we have to protect our network from misuse of the Internet, and we required a proper analyzer to analyze our network; they also guided us on the implementation of a BYOD policy in the company and protection of ERP through dual authentication. We have to protect our ERP application by using SSL VPN for remote locations also. Our top management is interested in protecting our network in a proper way and reducing some bandwidth cost.


Checklist for Evaluation:

So after proper evaluation, we decided that we have to go for the Cyberoam 300ING.

  • We compared the following devices and did a proper comparison: Fortigate 300C with Fortigate 100 Analyzer, Cyberoam 300ING and Checkpoint 4800 NGTP.
  • As the price of Checkpoint and its maintenance cost are very high and not within our budget, we decided to go for Fortigate or Cyberoam. Our team did a POC in a proper way for all devices and decided the same.
  • Cyberoam has an edge over Fortigate related to UTM. Fortigate 300C doesn’t have an analyzer; for an analyzer we have to go for the Fortigate 100C analyzer, due to which our cost would increase.
  • After thorough discussion, we decided to go for Cyberoam 300ING at HO and Cyberoam 15ING at the Worli and Malad sites for creation of VPN and applying the company policy.
  • We have implemented the required blocking in this and implemented a BYOD policy in our company. Blocking of a resigned employee's ID is done on the same day, and the WiFi password is refreshed within a week's time. WiFi password sharing is very limited, etc.
  • We have activated SSL VPN in our firewall for remote-location ERP users.
  • We have configured our ERP so that whenever a user logs in to the ERP, the ERP checks the user name and password on the ERP server as well as in Active Directory. If either does not match, the user is not able to log in to our ERP. Due to that we have added an extra level of security to our ERP application.


Some Do's and Don'ts:

Whenever you plan a project, evaluate it in a proper way. Take your own time for the POC and other activities. Also make top management aware in a proper way. Employee awareness about IT security is the key to success for the protection of our network.

- With Chitranjan Kesari, Omkar Realtors & Developers, on How To Evaluate Network Security Vendor
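The dual check described in the post above (the ERP verifying the user name and password against both its own user store and Active Directory, and refusing the login if either does not match) is written out below as an added Python example. It is not Omkar Realtors' ERP code and uses no real directory client: the in-memory stores, `make_store`, `directory_bind` and the sample accounts are constructed stand-ins for the ERP user table and an LDAP bind. Two details a defender would want are shown: both lookups run every time and an unreachable directory fails closed, and the reason for a refusal goes to the audit log rather than to the login page.

```python
"""Login check that accepts a user only when the same credential is valid in
the application's own user store AND in the directory, the "dual
authentication" described in the post.

Added example for this page, not Omkar Realtors' ERP or a real Active
Directory client. Both stores are constructed in-memory dictionaries of
salted PBKDF2 hashes; a real deployment would replace `directory_bind` with an
LDAP bind against the domain controller.
"""
import hashlib
import hmac
import os

ITERATIONS = 100_000


class DirectoryUnavailable(Exception):
    """The directory could not be contacted (network fault, DC down)."""


def _derive(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def make_store(users):
    """Build a {username: (salt, hash)} store from constructed {username: password}."""
    store = {}
    for name, pw in users.items():
        salt = os.urandom(16)
        store[name] = (salt, _derive(pw, salt))
    return store


def check_store(store, user, password):
    """Verify a credential against one store without leaking which part failed."""
    rec = store.get(user)
    if rec is None:
        _derive(password, b"\x00" * 16)  # burn the same work for unknown users
        return False
    salt, expected = rec
    return hmac.compare_digest(_derive(password, salt), expected)


def directory_bind(directory, user, password, reachable=True):
    """Stand-in for an LDAP simple bind; raises if the directory is unreachable."""
    if not reachable:
        raise DirectoryUnavailable()
    return check_store(directory, user, password)


def login(erp_store, directory, user, password, directory_reachable=True):
    """Return (granted, audit_reason). Both checks always run (no short-circuit),
    an unreachable directory fails closed, and only the boolean is shown to the
    user; audit_reason is for the security log."""
    erp_ok = check_store(erp_store, user, password)
    try:
        dir_ok = directory_bind(directory, user, password, reachable=directory_reachable)
    except DirectoryUnavailable:
        return False, "directory unavailable"
    if erp_ok and dir_ok:
        return True, "ok"
    return False, "erp=%s directory=%s" % (erp_ok, dir_ok)


if __name__ == "__main__":
    erp = make_store({"alice": "Correct-Horse-1"})                        # constructed accounts
    ad = make_store({"alice": "Correct-Horse-1", "bob": "Batt3ry-Staple"})
    print(login(erp, ad, "alice", "Correct-Horse-1"))   # granted
    print(login(erp, ad, "bob", "Batt3ry-Staple"))      # AD-only account is refused
    print(login(erp, ad, "alice", "Correct-Horse-1", directory_reachable=False))
```

Because both stores are checked against the same password, this adds a second credential store rather than a second factor. The directory check still earns its place: a domain account that has been disabled (the same-day blocking of a resigned employee's ID the post mentions) locks that user out of the ERP as well, even if the ERP-side account was never touched.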


Checklist for E-Procurement Portal

E-Procurement Portal has been set up for providing state-of-the-art e-Procurement services in India to Govt. Departments, Public Sector Organisations and Large Private Sector Enterprises. This e-procurement portal comprehensively addresses almost every nuance of the formal Public Procurement process having ‘Legal’, ‘Security’ and ‘Transparency’ related significance.


 

Key Learning: Dos and Don’ts:

Functionality of the E-Procurement application includes multi-stage, multi-envelope sealed bidding (including the two-stage tendering process as per CVC Guidelines). The system offers the added functionality of e-Reverse Auction, e-Forward Auction and an e-Catalog system, integrated with the core sealed-bid e-Procurement system.

To incorporate such unmatched ‘Security’ and ‘Transparency’ related features, this application uses a ‘Symmetric Pass-Phrase’ for bid encryption (i.e. bid sealing), as distinct from using the Public Key (i.e. PKI) of the TOE officer for bid encryption. While PKI is excellent for electronic/digital signatures, its use for data encryption (i.e. bid encryption in the context of e-procurement) is quite useful.

Dos:

  • Planning must include quality analysis and also making a checklist for a secure environment.
  • Reporting and analysis on key security incidents
  • Reporting and analysis on risk assessment and remediation activities


Don’ts:

  • Don’t micro manage.
  • Don’t design in too much detail.

Opportunities and Challenges:

This application is fully compliant with the IT Act 2000; the CVC Guidelines on e-procurement (especially CVC Circular No. 18/04/2010 dated 26th April 2010); the e-Procurement Integrity Matrix of Transparency International India (TII); the Government of India’s e-Procurement Guidelines issued in August 2011 by STQC, Department of IT, Ministry of Communications & IT, Government of India; and the ‘Recommendations for Encryption Policy’ under section 84A of the IT (Amendment) Act, 2008 by the Data Security Council of India (DSCI) regarding ‘Data Encryption’ (i.e. bid encryption in the context of e-procurement). Against this background, maintaining a secure environment has always remained a priority, and alongside all this learning, keeping the system running presents both opportunities and challenges.


Dos

  • Educate on the existence and implications of the Information Security policy and standards for their initiatives.
  • IT personnel – Reinforce their roles and responsibilities pertaining to Information Security.
  • All Employees – Establish their responsibilities to protect systems and Information Assets.
  • Non-Employees – Establish clarity on their responsibilities given their position relative to customer confidential data.
  • Adopt mechanisms for safeguarding your customer confidential information.
  • Documentation.

Don'ts

  • Don’t use insufficient support.
  • Don’t subscribe to non-business services alongside your business-critical ones.

- With Dinesh Kumar Chawla, Telecommunications Consultants India Ltd., on How To Evaluate An E-Procurement Portal


When we started this project of Secure Wireless LAN implementation in our organization, the key consideration during evaluation was that the solution must be robust, stable and highly secure, so as to avoid security hassles and wireless threats.

Most companies go to great lengths to keep unauthorized users off their networks, but Wi-Fi access points can provide hackers with a convenient way in. That's because Wi-Fi signals are often broadcast outside the network - an enticing invitation for hackers.

Since many companies allow or even actively encourage employees to connect to the network using their own mobile devices - tablets and smartphones as well as laptops - it's not practical for most companies to switch off Wi-Fi access.

We have finalized a Wireless LAN solution for us based on the below-mentioned points, which are absolutely necessary for having a mature WLAN access setup.

  • High security – The WLAN facility will have different kinds of users with different kinds of access roles. This naturally calls for a system which can identify the variation among the users and provide seamless connectivity and a great user application experience. Having such a network with various kinds of users, it is of utmost necessity that the security engulfs the whole networking infrastructure, right from the user to the core of the network. The implemented solution provides multiple layers of security to protect access to the wireless network, the data transmitted on the wireless network, and the wireless users and infrastructure.
  • Reliability – A major part of the wireless LAN is invisible and can’t be traced very easily if there is some problem in it. The RF part in WLAN is the most difficult part to manage and make work flawlessly. The implemented solution has a technology called Adaptive Radio Management which allows the organisation to forget the worries of managing the RF and does it all automatically.
  • Scalability – WLAN systems are extremely scalable and flexible. The features and functionalities that the system supports are embedded in the base OS of the controller, and hence all the features are available throughout the range of controllers. Access Point support in the controllers is highly scalable and can start from as low as 4 and go up to 2048 on a single controller platform.
  • Central Management – Considering a large campus that is a constantly changing environment, a centralized solution which integrates its capabilities in a centralized controller makes it very easy for an enterprise to start small and broaden a deployment to support all kinds of wireless clients, mobile voice or general-purpose business applications (email, Internet, server access and guest access) to increase the productivity of mobile guests and internal employees, while also providing a single point of configuration, troubleshooting and security monitoring.
  • Ease of Implementation – The Aruba system is designed to be plug-and-play in most environments, requiring no parameters to be configured individually in any equipment. The AP has plug-and-play deployment flexibility and is connected to the existing Ethernet infrastructure. The controller has both L2 and L3 functionalities and can be spread over the existing network. The link from the outdoor APs can be over UTP or fibre.

Note: The motive of this project is to provide a secure Wireless LAN.


 

Key Learning Dos and Don'ts :

  • Security planning as per the environment is very crucial and important.
  • Proper planning and handshaking are very important for a multisite setup with a centralized controller.
  • A reliable and manageable network infrastructure is essential.
  • The ongoing management and maintenance of the access points and related equipment should be given serious consideration from the outset.
  • Site surveys should be carried out properly to avoid any issues post-implementation.
  • Wireless networks involve a lot more wires than the name would suggest.
  • Deployment of a wireless network does not necessarily lead to an increase in administration costs.

- With Daljit Singh Sodhi, Aviva India Life Insurance, on the Dos and Don'ts of Secure Wireless Networks


How To Evaluate An ERP Project

Agriculture Insurance Company of India Ltd. (AIC) provides crop insurance coverage to 2.4 crore farmers annually, 86% of whom belong to the small and marginal category. To balance the twin challenge of crop insurance business, viz. reaching the remotest farmer at minimum service cost, AIC has developed a web-based, integrated, 360-degree IT Systems Solution Project titled "ANNAPOORNA", envisioned as an enabler for streamlining the business processes of the Company and an automator of the operational and administrative functions.

The Project encompasses 11 Application-baskets, ranging from the core Business Operations to Research & Development, Financial Management, Marketing Management, Human Resources Management, Knowledge Management & Portal, Legal Management, etc. to the Business Intelligence & Dashboard.


Checklist for Evaluation:

Marking is given on a scale of 1 to 5, with minimum tolerance level individually at 2 and collective average at 4.

Below is the checklist used to evaluate ERP Project "ANNAPOORNA"


- With Avinanda Ghosh, Agriculture Insurance Company Of India Ltd., on How To Evaluate An ERP Project
