CISO Platform's Blog – August 2013 Archive (11)

Action List Before Adopting a Cloud Technology

First, the CISO has to work with the CIO and the business to understand the business need to implement this, and then clearly articulate the associated risk exposure to the firm and its stakeholders.

Detailed due diligence has to be completed, following which the risk posture and risk mitigation guidance have to be provided. Subsequently, a corporate policy along with the mitigating controls has to be implemented and training imparted to the relevant business users.


Added by CISO Platform on August 28, 2013 at 4:00pm — 1 Comment

Technology/Solution Guide for Single Sign-On

Top technologies/solutions available for Single Sign-On are:

1. Common Standard Solutions:

  • The Generic Security Service Application Program Interface (GSS-API)
  • OSF Distributed Computing Environment (DCE)
  • Pluggable Authentication Modules (PAM)

2. Broker-Based SSO Solutions: having one server for central authentication & user account management.

  • Kerberos: Trusted Kerberos…

Added by CISO Platform on August 28, 2013 at 3:30pm — 1 Comment

Database Security Vendor Evaluation Guide



Requirement for solutions related to Database security

A CISO should define the requirement for solutions related to database security by first understanding the business and threat environment, and then deciding on the most applicable threats and security parameters while balancing application performance and security.


Added by CISO Platform on August 28, 2013 at 2:00pm — No Comments

My Key Learning While Implementing Database Security



Top steps during the implementation of a project related to Database Security



1. Because application developers or the persons implementing the applications often also work as database administrators, it is important that database administration is handled by different persons in the team. For bigger projects, you should have a separate database team. This helps on most occasions to have better control on database management and…


Added by CISO Platform on August 28, 2013 at 1:30pm — No Comments

Anti Spam Security Project Implementation Guide and Top Common Mistakes



Top steps during the implementation of a project related to Anti Spam Security

  • Incorporation of spam detectors to block malicious/fraudulent e-mails
  • Installation of filters for automatic detection/deletion of malicious software
  • Deployment of software for blocking outgoing delivery of sensitive information to malicious parties
  • Implementation of standard anti-virus, filtering, and anti-spam software…

Added by CISO Platform on August 28, 2013 at 12:30am — No Comments

CISO Viewpoint: Choosing the Right Anti-Spam Security Solution

There are many technologies/solutions available to control spam. No one technology is a complete solution by itself. With most anti-spam solutions, the key challenge is trying to balance false negatives (missed spam) against false positives (rejecting good email). This is critical for a successful anti-spam deployment. Each approach has its own associated costs in time and effort.

Spam filtering can be done at the gateway or the client level. There are options of using…


Added by CISO Platform on August 28, 2013 at 12:00am — No Comments

BYOD Security: From Defining the Requirements to Choosing a Vendor

A CISO needs to understand the exact requirement before designing the BYOD domain in the organization, keeping in mind the exact business need and the value add that can be, or is intended to be, obtained using this technology.


Building a solution for BYOD is directly related to the business requirement, without any compromise to the security of information…


Added by CISO Platform on August 27, 2013 at 5:30pm — No Comments

Under the hood of Top 4 BYOD Security Technologies: Pros & Cons

Top technologies/solutions available for BYOD Security:

The task for companies that utilize BYOD is to develop a policy that defines exactly what sensitive company information needs to be protected and which employees should have access to this information, and then to educate all employees on this policy.

Technologies for security of BYOD:

1. VDI: One popular software-based security method gaining steam in BYOD environments is…


Added by CISO Platform on August 27, 2013 at 5:30pm — No Comments

CISO Viewpoint: Key advantages of using BYOD Security



Key advantages of using BYOD Security:

■ Extend corporate security policies to mobile devices

  • Device password policy configuration
  • Lock out after failed attempts
  • Disallow previously used passwords

■ Easily disable lost or stolen devices to protect corporate assets

  • Remote locking
  • Remote profile removal
  • Remote wipe

■ On-device…


Added by CISO Platform on August 27, 2013 at 5:00pm — No Comments

Top Questions to ask vendor for evaluating Anti-Malware Security offering

There are so many endpoint security products in the market, and every solution has at least one unique feature. So it is a tough job for a CISO to choose one of them for his organization. However, a best-fit analysis would be best practice for each organization, as per its own business processes and infrastructure.

Before the evaluation process, one should identify and classify the critical and sensitive data. Next, map them to the different business processes. Once…


Added by CISO Platform on August 27, 2013 at 5:00pm — No Comments

How Should a CISO choose the right Anti-Malware Technology?

Now this is a very subjective term, as “Right” is quite different for each. More so, the subject of “Information Security” is itself quite a dynamic and evolving one. Here, any measuring stick with constant attributes may not provide true insight for the choice of technology. However, certain parameters of the selection process can be generalized for operational efficiency.


Added by CISO Platform on August 27, 2013 at 4:30pm — No Comments
