Disaster recovery and contingency planning security considerations

Written by Phil on January 4, 2011 in disaster preparedness, Disaster Recovery, InfoSecurity.

In a disaster, all focus is — naturally — on getting critical business processes back up and running. Whether the disaster is natural or manmade, it’s all about recovering business operations as fast as possible, getting employees back to work, and avoiding costly downtime.

Continue reading Disaster recovery and contingency planning security considerations

Tags: Disaster Recovery, information security, ity breach

Sample InfoSec Policy – Computer And Communications Facility Location

Written by Phil on November 11, 2010 in InfoSecurity, Standards.

This is a sample policy from Information Security Policies Made Easy, by Charles Cresson Wood.

Continue reading Sample InfoSec Policy – Computer And Communications Facility Location

Tags: charles cresson wood, information security policies, information security policies made easy, InfoSecurity, ISPME

How Your Business Can Avoid Being Collateral Damage In A Cyber War

Written by Phil on September 1, 2010 in InfoSecurity.

All around the world, governments declare they are gearing up for cyber war. The term “Cyber war” seems to be on everyone’s lips again.

Continue reading How Your Business Can Avoid Being Collateral Damage In A Cyber War

Tags: cyber war, cybersecurity

Russian spy ring needed some serious IT help

Written by Phil on July 12, 2010 in InfoSecurity.

The Russian ring charged this week with spying on the United States faced some of the common security problems that plague many companies — misconfigured wireless networks, users writing passwords on slips of paper and laptop help desk issues that take months to resolve. Continue reading Russian spy ring needed some serious IT help

Tags: cybersecurity, espionage, InfoSecurity, Russia, spy, steganography

USB coffee-cup warmer could be stealing your data

Written by Phil on July 12, 2010 in InfoSecurity.

Are you sure that the keyboard or mouse you are using today is the one that was attached to your computer yesterday? It might have been swapped for a compromised device that could transmit data to a snooper. Continue reading USB coffee-cup warmer could be stealing your data

Tags: bugging, cybersecurity, eavesdropping, espionage, InfoSecurity, spying

What if the smart grid has stupid security?

Written by Phil on June 17, 2010 in disaster preparedness, InfoSecurity.

In the past, the security of the grid was based on isolation and obscurity. In the future, the ubiquity of Smart Grid elements will make physical and electronic isolation impossible.

Continue reading What if the smart grid has stupid security?

Tags: critical infrastructure, Smart Grid

Eavesdropping Detection Audits

Written by Phil on June 10, 2010 in InfoSecurity.

As the saying goes, “Sometimes the paranoids are right.” You never know when you might need Technical surveillance counter-measures (TSCM).

Continue reading Eavesdropping Detection Audits

Tags: cybersecurity, eavesdropping, espionage, security, Technical surveillance counter-measures, TSCM

Survey: Business continuity, not data breaches, a top concern for tech firms

Written by Phil on June 2, 2010 in Business Continuity, InfoSecurity, survey.

A new “risk factors” list from consultancy BDO finds security worries about data leakage are not top of mind – at least as expressed in their SEC filings.

Continue reading Survey: Business continuity, not data breaches, a top concern for tech firms

Tags: Business Continuity, data breach, informatio security, InfoSecurity, risk factors, survey

Study: Cost of data breach in U.S. is highest world wide

Written by Phil on May 19, 2010 in InfoSecurity.

A global study of data breach costs conducted by the Ponemon Institute finds notification laws have dramatic impact on the price tag.

Continue reading Study: Cost of data breach in U.S. is highest world wide

Tags: data breach, information security, InfoSecurity

Study: Disaster Recovery Plans Shift Away from IT and Data Security

Written by Phil on March 25, 2010 in Disaster Recovery, InfoSecurity, survey.

The emergence of the H1N1 virus and several severe weather-related events have shifted disaster recovery planning emphasis away from IT and data security threats toward pandemic planning and disaster recovery efforts, according to an annual study conducted by Varolii Corporation, a provider of on-demand business continuity communications.

Continue reading Study: Disaster Recovery Plans Shift Away from IT and Data Security

Tags: Disaster Recovery, study, survey

Featured InfoSecurity Policy – Telecommuter Working Environments

Written by Phil on March 11, 2010 in Books, InfoSecurity.

Reducing risk associated with a new technology often requires a combination of overlapping management and technical policies. For example, simply publishing a policy that restricts peer-to-peer networking software may not be sufficient to protect against data leakage if the organization has not defined any controls around computing environments for remote workers. Since many data leaks occur through home-based networks, protection involves a blend of policies including desktop configuration control, acceptable use and physical and environmental controls. As an example, consider this sample policy for Internet Telecommuter Working Environments.

Continue reading Featured InfoSecurity Policy – Telecommuter Working Environments

Tags: charles cresson wood, information security policies, information security policies made easy, InfoSecurity, ISPME, policies, Telecommuter

Rothstein Associates Inc. Business Survival ™ Weblog

Profile

Global Disaster Alert

Business Survival ™ News

Business Continuity/Disaster Recovery Bookstore Bestsellers

Archives

Affiliates