Active Directory

Dec 22 2008   2:09AM GMT

Has the new Active Directory evolved to meet the needs of the Users - SAS70

Posted by: sas70expert
Active Directory, SAS 70, ActiveDirectory

With the release of Windows 2000, ActiveDirectory fire appeared and is not on its fourth version. New changes with Windows Server 2008 are: 1) a new domain controller model aimed at branches, new object restoration options, ability to take snapshots backups, and more flexible password policies. When performing a SAS 70 audit, many auditors use applicaitons, such as dumpsec, to gather information that is stored in Active Directory, What tools do you use to gather user permissions within your applications?  sas70expert at gmail.com

Jul 1 2008   5:45PM GMT

Do you need the Secret Service to guard your data? – SAS70

Posted by: sas70expert
Security management, Third-party services, Administration, Database issues, Disaster Recovery, Networking, Active Directory, Network security, Storage, Security, Network monitoring, Servers, Microsoft Windows, Information risk management, Management, Security Program Management, Risk management, human factors, Database, Database Management Systems, business/IT alignment, Access, Financials, Access control, Industry Solutions, Data center operations, Network Management Systems, Data center design, Network, CIO, DataCenter, DataManagement, CEO, management software, Single sign-on, FTP, CFO, cooling systems, Backup & recovery, Exchange, Backup, power systems, SAS 70, budget, bugeting, CSO

It’s election year and security to protect some of our most valuable assets is being discussed more frequently – including politicians and data privacy requirements (proposed Regulation S-P). Does that mean you should be considering the Secret Service to guard your data? I don’t think so; however, you should have a plan to manage risk of data loss. This plan should contain proactive thinking that promotes a culture of prevention. A SAS70 audit will assist you in determining your vulnerabilities and identifying weaknesses in information technology network; however, you must continually assess and evaluate scenarios, and stay informed of the latest and greatest networking threats. Communication and training are key to a data protection plan. What are some of the other characteristics?SAS70expert@gmail.com

 

Jun 19 2008   2:28PM GMT

Which search engine owns you? Identity management is owned by whom? – SAS70

Posted by: sas70expert
Third-party services, Active Directory, Security, Microsoft Windows, Identity & Access Management, Compliance, Auditing, Access, Access control, CIO, DataCenter, DataManagement, Single sign-on, Exchange, SAS 70, CSO

 Is it Yahoo? Or Google? Or? Shouldn’t it be the individual consumer? Every time you register on a website to download a movie or order a box of nuts, that information is being recorded. Some websites don’t keep this information confidential; it becomes entrenched in the search engine optimization techniques used by search engines and your name, address, and phone number may be appearing in random searches by someone in the Antarctic.

 

Without additional privacy legislation and SAS70 audits, your personal information may not be so personal anymore. Currently, if your personal information is leaked to the public, Companies only have to inform you of the data breach, and get you a credit monitoring service. Does this  seem fair? Should you have a single signon that is secure and corruption is preventable?