July 30th, 2009 in Governance, Risk & Compliance, IT Security, Network Security, Uncategorized | 1 Comment »
Payment Card Industry (PCI) – Data Security Standard is standard set based on a consensus based process led by 5 major credit card companies. It is not a government enforced standard and compliance is enforced by the credit companies.
Non-compliance results in higher fees and severe fines in the event of breach. All merchants and service providers collecting and processing credit card transactions are required to comply with the PCI-DSS. Version 1.2 of the standard was released in October 2008.
Section 6.6 of the PCI-DSS requires that for all public-facing applications, new threats and vulnerabilities should be addressed on an on-going basis and ensure that the applications are protected against know attacks.
Read more »
July 29th, 2009 in Network Security | 1 Comment »
Wireless network has become one of the weakest security links in IT infrastructure in recent times. Many security incidents have been linked to weak configuration of the Wi-Fi router at home / office. This article gives a checklist of 7 basic steps to secure your Wi-Fi router. Read more »
July 26th, 2009 in OS Security | 1 Comment »
Basic Security Module or BSM is the audit tool used by Solaris Operating System. The BSM files are located in the /etc/security directory. To enable the BSM, the administrator has to run the bsmconv script. This script creates a number of files in the /etc/security directory. In this article we shall discuss two important files that are created viz. Audit Control File and Audit User File Read more »
July 22nd, 2009 in IT Security | No Comments »
Imagine the situation of losing one’s laptop. What is the cost? It involves not only losing a significant expense but also the data stored in it which may range from personal data like photos, important numbers, music, software etc to corporate data where the cost involved could be unimaginable. A recent survey conducted by Dell and Ponemon Institute reveals that upto 12000 laptops are stolen in the United States Airport every week. This means one laptop is getting stolen every 50 seconds approximately!! Read more »
July 17th, 2009 in IT Security | 1 Comment »
Web applications are those that are accessed using web browsers like Firefox or Internet Explorer. The protocol used by web applications is called Hyper Text Transfer Protocol (HTTP). The secure version of this protocol is HTTPS.
Read more »
July 10th, 2009 in Governance, Risk & Compliance, IT Security, Uncategorized | No Comments »
Botnets are suddenly in the news for all the wrong reasons. What are botnets and why are they in the news?
Read more »
Qadit's SecureITy Zone