SEARCH RESULTS
 
Showing 1-10 of 154 records
 
Expand article

Audit/Monitor Controls or Audit/Monitor BEFORE Control?

The Article has images
2008-02-28 11:38:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
...audit ." Note that audit which, in this case, broadly includes audit, monitoring and detection, comes last. It seems to be fairly in line with common sense: you audit the controls after you put them in place; you monitor after you have authentication and authorization taken care of and you detect the violations after you organized your...
 
Tags: audit, broadly includes audit, broadly, includes, audit whatsoever, full-blown audit capability, paper, paper clarifies, controls
 
 
 
 
Expand article

Colorado Division of Motor Vehicles cited in audit report

The Article has images
2008-07-11 09:18:07 by Evan Francen in The Breach Blog
...Auditor, Driver's License and Identification (ID) Card Security Report Credit Jessica Fender, The Denver Post - Brought to the attention of The Breach Blog by an informed reader Response From the online source cited above The Division of Motor Vehicles put 3.4 million Coloradans at risk of identity theft due to flaws in the way...
 
Tags: information, personal information, information security, information security breaches, sensitive information, information security strategy, information security program, security, cyber security
 
 
 
 
Expand article

Managing Audit Thrash

2007-10-08 19:04:00 by Bryan in practical risk management
 
...audits leaves them with precious little time to get any real work done. Audit Thrash Now don't get me wrong... security audits aren't fundamentally bad. In fact, when done right I've seen them add a lot of value. It's just that we need a strategy for managing the workload they create so we can get back to getting some real work done Perhaps...
 
Tags: security audits leaves, security audits, controls information, information, controls, security, controls framework, framework, similar controls
 
 
 
 
Expand article

CISSP's - Be Prepared for Audit

2008-06-05 14:14:42 by JJ in Security Uncorked
 
...audits. If you attend an event, even if the event host is an (ISC)2 CPE-Submitter, you need to retain your proof of attendance and keep those documents on file. Generally an event host will provide a CPE audit retention sheet at the time of the event, or post-event I recently received an audit for my attendance at the RSA Conference in...
 
Tags: event, event hosts, event host, post-event, audit, attendance, isc, attendance sheet, time frame
 
 
 
 
Expand article

How to Audit a Log Server?

2008-02-05 18:31:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -
 
...Auditing a Corporate Log Server" [PDF] touches upon an important, but rarely discussed subject: security audit of a log server (or a log appliance Whether it is a home-grown log server or a vendor's log management tool, security audit will help establish that your logs will remain useful for investigations, forensics, possibly litigation...
 
Tags: log server, protect logs c-i-a, logs, preserve computer logs, home-grown log server, protect, security audit, reasons, establish
 
 
 
 
Expand article

Create DDL table in SQL Server 2005 to audit DDL trigger activity

2008-05-06 10:18:43 by Heidi Sweeney in WhatIs: Enterprise IT tips and expert advice
 
Each time DDL statements in SQL Server 2005 make changes with commands, such as CREATE TABLE and ALTER, the DDL trigger fires an event. It's possible to log these events with an audit table and custom-made DDL trigger. In this tip, SQL Server expert Robert Sheldon walks you through designing the audit table, defining the DDL trigger and then...
 
Tags: ddl trigger, table, custom-made ddl trigger, audit table, ddl trigger fires, sql server, time ddl statements, commands, event
 
 
 
 
Expand article

Insider threat highlighted at audit conference

2008-03-11 00:00:00 by HASH0x8b3fa80 in Network World on Security
 
The recent scandal at French bank Société Générale has again highlighted how vulnerable companies are against insider threats, speakers said Tuesday at the European Computer Audit Control and Security Conference in Stockholm Protecting the Enterprise Network Through Web Security Advertisement New focus is being placed on securing...
 
Tags: insider threats, threats, enterprise network, web security, vulnerable companies, security conference, recent scandal, advertisement, focus
 
 
 
 
Expand article

5 tips to audit and improve virtual server security

2008-05-09 00:00:00 by HASH0x8b26bec in Network World on Security
 
...audit by keeping in mind what you've already learned in the physical world is an excellent approach. Security analysts say the same practices, principles and basic common sense apply for a group of virtual servers as for any physical server farm. But, IT managers also need to factor in some additional considerations, due to the unique...
 
Tags: virtual servers, physical server farm, virtual security audit, additional considerations, security questions, physical world, excellent approach, unique characteristics, physical machines
 
 
 
 
Expand article

GGGetting the Best From an Audit

2008-05-12 06:22:04 by Editor in Computerworld Security News
 
Don't fear the audit. Learn from it. The important thing is that systems should be more secure in the end
 
Tags: audit, systems, fear, secure