So that we are all on the same page -Vulnerability Management is when an IT department manages it’s inventory of devices with regard to what vulnerabilities each device could be at risk for. So if every system you own has a vulnerability, and you have 1000 systems it could get a bit challenging to manage. … Read more
Did you think it would never happen? Microsoft and Linux are increasing in their ties to each other. So as we protect systems in our networks, we are increasingly incorporating Linux systems for various reasons, Web servers, specific SQL server database needs or other reasons (file sharing or other support systems). A potential threat vector … Read more
The obvious angle(in 2018) is to applaud Amazon and chide Sears for the massive technological progress and stagnation respectively. Sure Sears did well in it’s day by pioneering catalogs and selling many things one does not think about right out of the catalog(houses and cars). But somehow when the internet technology came into being they … Read more
VISA had a presentation last week online to discuss this very question “PCI DSS Validation Process” We will get into the list shortly… First let’s discuss why one needs a validation process. PCI stands for Payment Card Industry and in fact the PCI standards organization is composed of Visa, Mastercard, Discover, American Express and JCB(Japan … Read more
So we all must have an Incidence response plan, which is only used after a computer security problem: Detect problem Investigate problem What type of the threat to the business? Does it rise to level of “Breach”? With significant legal disclosure requirements Did the attackers steal information/data? We know practice makes perfect, but how … Read more