How to Identify Security Breaches Quickly?

Network administrators and cabling teams are the key people for spotting security breaches in an organization. Two technologies are currently used in network monitoring systems: SPAN (switched port analyzer), also known as port mirroring, and TAP (traffic access point). A SPAN port copies traffic from any traffic port to a single unused port. SPAN ports also prohibit bi-directional traffic on that port to protect against backflow of traffic into the…

Keep Calm and have a Business Continuity Management in Place.

Information Security aspects of Business Continuity Management: Business continuity is a proactive plan to avoid and mitigate risks which might create a disruption in the delivery of service to your customers or interrupt your operations. Business continuity management outlines the steps that should be taken before, during and after an event to maintain the financial viability of an organization. Business continuity management elaborates a framework for identifying an organization’s risk of exposure…

An Incident Management is a must in today’s organisation!!

A.16. Information security incident management: An incident is defined as any disruption in IT service. Incident management deals with handling incidents and ensures that IT service is restored as soon as possible. The A.16 clause of ISO 27001 provides appropriate methods to manage any information security incidents that may take place due to a series of unforeseen adverse events. It also formulates strategies for improvements in the information security domain. Information security incident management…

Human resource security – defining roles and responsibilities

A7. Human resource security: The crucial task for the HR department when it comes to information security is to be proactive rather than reactive. It is inappropriate to rely only on your IT department to make sure staff are educated about data loss and how to prevent it. HR professionals have to ensure that employees comply with security policies. The purpose of this standard is to set rules that apply…

If you believe being compliant is costly, try being non-compliant.

Objective: The objective of adhering to compliance is to avoid breaches of legal, statutory, regulatory or contractual obligations related to information security or any security requirements. This module of ISO 27001 helps in the identification of applicable legislation and contractual requirements for the organization. How does being compliant help the organization: All relevant legislative, statutory, regulatory, contractual requirements and the organization’s approach to meet these requirements shall be explicitly…