Home > IT Blogs > Sister CISA CISSP/

Sister CISA CISSP:

Development

1
October 30, 2008  3:33 PM

Don’t Be Seduced Just Yet



Posted by: Arian Eigen Heald
Admins and Auditors, DataManagement, Development, Microsoft Windows, Security, Storage, Virtualization

I had a co-worker ask me yesterday what my opinion on "cloud computing" is, and whether it should be something they could recommend to clients. He had seen announcements about cloud computing from Microsoft According to a 2008 paper...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

September 19, 2008  7:37 PM

Auditing MS SQL – Roles, and Why They Matter



Posted by: Arian Eigen Heald
Admins and Auditors, Compliance, Database, Database security, Development, IT audit, Microsoft Windows, Security, SQL Server, Steps to an Easy Audit, Tools & Tricks of the Trade, Tools for Auditing and Security

SQL "Server" runs on top of MS Windows, and it has groups inside of it that are not seen on the Windows server or even the Windows Domain. That's why we have to check and make sure that inappropriate users don't have complete access to everything inside the database. Not everyone should be...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

July 1, 2008  3:08 PM

Making Software Developers Clean Up Their Act



Posted by: Arian Eigen Heald
Admins and Auditors, Compliance, Data Breaches, Database, Database security, Development, IT audit, Security, Tools & Tricks of the Trade

In the course of many audits and pentests, I can't tell you how many times I have found flaws and openings based on bad development practices. It's downright painful. And yet software keeps coming out with the same problems. I know WHY this is happening, but I can't stop it. YOU can. Have...

  Bookmark and Share     0 Comments     RSS Feed     Email a friend

1