All Articles

Top technologies / solutions available for the Single Sign-On are :

1.Common Standard Solutions:

• The Generic Security Service Application Program Interface GSS-API.
• OSF Distributed Computing Environment DCE.
• Pluggable Authentication Modules PAM

 2.

ISO 27001 certification in brief

• ISO 27001 formally specifies a management system that is intended to bring information security under explicit management control.
• Being a formal specification means that it mandates specific requirements.
• Organizati

Requirement for solutions related to Database security

A CISO should define the requirement for solutions related to Database security by first understanding the business and threat environment and decide on the most applicable threats and security p

Top steps during the implementation of a project related to Database Security

1.As most of the times, application developers or persons implementing the applications also work as database administrators, it is important that database administration i

Top technologies / solutions available for Database Security include the following:

1. Encryption controls.
2. Integrity controls.
3. Data Leakage Prevention (DLP) solutions
4. Access Controls
5. Auditing Controls
6. Backup Solutions.

(Read more:  BYOD Security: Fr

Top technologies / solutions available for Application Security

Applications can be broadly classified into three categories viz. Thick client applications (Client/Server), Web Applications (Access over Internet or Intranet) and Mobile Applications.

Top steps during the implementation of a project related to Anti Spam Security

• Incorporation of spam detectors to block malicious/ fraudulent e-mails
• Installation of filters for automatic detection/ deletion of malicious software
• Deployment of softw

There are many technologies /solutions available to control Spam. There is no one technology which is complete solution by itself. With most anti-spam solutions, the key challenge is trying to balance false negatives (missed spams) vs false positives

Spam in general can be understood as unsolicited email received in large volume. These emails eat up productive time of user/employees of the organization and very important to control it before delivering to users’ mail boxes. A large percentage of

A CISO need to understand the exact requirement before designing the BYOD domain in the organization. Keeping in mind the exact business need and value add which can be or intended to obtain using this technology.

(Read more:  5 easy ways to build yo

Top technologies / solutions available for BYOD Security:

Task for companies who utilize BYOD is to develop a policy that defines exactly what sensitive company information needs to be protected and which employees should have access to this informa

Key advantages of using BYOD Security:

■ Extend corporate security policies to mobile devices

• Device password policy configuration
• Lock out after failed attempts
• Disallow previously used passwords

■ Easily disable lost or stolen devices to protect

A brief on what BYOD is all about: 

For all multi national companies, improving productivity and employee work life balance is a choice between - either spend  a lot of money , provide them mobility or implement secure IT practices and adopt the BYOD

There are so many Endpoint Security Products in the market and every solution has atleast one or more unique feature in their product. So, it’s a tough job for a CISO to choose one of them for his organization. However, a Best Fit Analysis would be b

Now this is a very subjective term as “Right” to each is quite different. More so, the subject “Information Security” by itself is quite a dynamic and an evolving term. Here, any measure stick with constant attributes may not provide a true insight f

The 2012 Cost of Data Breach Study conducted provides some valuable information about the average cost of an enterprise data breach. The study, released in March’13, also recognized that organizations with a chief information security officer (CISO)

Introduction

Since the early days of the internet, DDoS had been a favorite weapon of cyber-criminals. Recently there was news about the biggest DDoS attack in history targeted towards Spamhaus, an anti-spam group. The attacks reportedly peaked at 300

Here are the key best practices that organizations need to adopt for securing their Big Data.

 1. Secure your computation code:

• Proper access control, code signing, auditing should be implemented to secure computation code.
• Implement a strategy to prote

Recently, we were pentesting a Data mining and Analytics company. The amount of data that they talked about is phenomenal and they are planning to move to Big Data. They invited me to write a blog on state of the art, Big Data security concerns and c

I have seen many blogs, articles and most of them stated as, CISO need the ability to adopt the business. The role of the CISO in any organisation is to protect the business and bring the operations under secured mode, under the policy defined, gover