Qadit Systems Qadit's SecureITy Zone

Information is power. Secure IT.

Archive for the ‘Governance, Risk & Compliance’ Category

A fool with a tool is still a fool

A good log management tool can be very effective in managing and ensuring security in an enterprise. However, the right tool can quickly become the wrong tool unless the organisation puts in the time and effort required to make the tool effective.

Here are a few best practices to ensure a successful implementation of a log management tool:


Auditing in Solaris

One of the main principles of security is accountability. There are some problems associated with accountability, such as the difficulty in determining the security relevance of each user action. Another problem is searching through the collected data to find meaningful information.

Managing Risk with ISO 31000

The first International Risk Management Standard ISO 31000:2009, together with ISO Guide 73:2009, was released by the International Organisation for Standardisation (ISO) on 15 November 2009.

And since IT Security is an integral part of Risk Management, it is useful for anybody interested in IT Security to know the basics of this new Risk Management ISO Standard.

Smart Phones – Convenience or Threat?

The use of smart phones to access sensitive corporate information away from the office is creating huge security gaps for enterprises. Smart phones are being used to access company mails and applications. At least one major breach involving theft of application code has been attributed to malware from smart phones. So how do we benefit from the technology while addressing the risks

Log Management and Intelligence-LMI

Introduction

LMI is a governance enabler. Log data is no longer just the domain of technical personnel (traditionally used for troubleshooting). Log data is no longer just an IT asset; it is a corporate and business asset. It is used extensively by both management and external parties (auditors, forensic investigators) and hence has gained executive-level visibility. In this post we look at the new approach to log management.

Information Technology Act – Offences & Penalties

This article summarizes the key offences pointed out in the Information Technology Act, 2000 and includes amendments made in the year 2008.


An introduction to SOX compliance

The Sarbanes Oxley Act, also known as SOX, was enacted in the year 2002 in the United States in response to various corporate scams. The objective of the enactment has been to protect shareholders and the general public from accounting errors and fraudulent business practices. The Act is administered by the Securities Exchange Commission and is applicable to public companies.

Security Resolutions for 2010

What the Information Security manager should aim for

Virtualization – How you can benefit

Virtualization is a buzzword that has been doing the rounds for a couple of years now. Does it really help organizations and how?

Empanelment with CERT-In and with Controller of Certifying Authorities (CCA)

Qadit Systems and Solution (Qadit) has been empanelled with CERT-In as a qualified IT Security Auditing organisation up to April 30, 2012. We have also been empanelled by the Controller of Certifying Authorities (CCA) as an auditor under the Information Technology Act, 2000 for conducting the technical and physical infrastructure audits of the Certifying Authorities. This empanelment is valid up to September 23, 2011.