Securing Cloud-based Applications
Michael Mendelsohn, CISSP, Antoine Philipovitch, William Welch, CISM, and Robert Zanella, CISA
One of today’s big security marketing pushes is enterprise single sign-on (ESSO).
Database Backup and Recovery Best Practices
Ali Navid Akhtar, OCP, Jeff Buchholtz, Michael Ryan, CIA, CPA, and Kumar Setty, CISA
This article covers the topics related to data loss and the types of database backup and recovery available.
The Devil’s in the Details
Seth Davis, CFA, CIA, CPCU, Pat Ferrell, ARe, AIC, CPCU, Sean Scranton, CISA, CISM, CCNA, CISSP, and Peter Millar
Fraud impacted 87 percent of organizations in 2010, according to the Kroll Global Fraud Report.
Gan Subramaniam, CISA, CISM, CCNA, CCSA, CIA, CISSP, ISO 27001 LA, SSCP
What kinds of risk should organizations be cognizant of, particularly when they outsource their internal processes and data processing to third parties?
A Room With Machines
Steven J. Ross, CISA, CISSP, MBCP
If there is to be any advanced technology, the data center and the machines in it need to be operated and maintained in a manner consistent with prudent business practices.
Evaluating Access Controls Over Data
Tommie W. Singleton, Ph.D., CISA, CGEIT, CITP, CPA
This article offers some basic guidance to IT auditors in evaluating the access controls over relevant data files.
JOnline: Book Review—Cyber Attacks: Protecting National Infrastructure
Edward Amoroso | Reviewed by Jeimy J. Cano M., Ph.D., CFC, CFE, CMAS
This book is particularly interesting to and useful for information security and IT governance professionals because of its strategic and tactical guidance that can help refine decisions on the protection of critical infrastructure.
JOnline: Book Review—Information Security and Privacy
Thomas J. Shaw Esq. | Reviewed by Horst Karin, Ph.D., CISA, CRISC, CISSP
It is critical for businesses to understand legal implications and compliance and to have appropriate safeguards and risk management efforts in place to protect the information and private data of customers and the organization.
JOnline: Log Management: A Pragmatic Approach to PCI DSS
Prakhar Srivastava and Tarun Verma
Log management can play a pivotal role in addressing PCI DSS requirements, be a success factor and enabler for safeguarding cardholder transaction data, and provide a secure and vulnerability-free environment for cardholders.