Servers

Jul 1 2008   5:45PM GMT

Do you need the Secret Service to guard your data? – SAS70

Posted by: sas70expert
Security management, Third-party services, Administration, Database issues, Disaster Recovery, Networking, Active Directory, Network security, Storage, Security, Network monitoring, Servers, Microsoft Windows, Information risk management, Management, Security Program Management, Risk management, human factors, Database, Database Management Systems, business/IT alignment, Access, Financials, Access control, Industry Solutions, Data center operations, Network Management Systems, Data center design, Network, CIO, DataCenter, DataManagement, CEO, management software, Single sign-on, FTP, CFO, cooling systems, Backup & recovery, Exchange, Backup, power systems, SAS 70, budget, bugeting, CSO

It’s election year and security to protect some of our most valuable assets is being discussed more frequently – including politicians and data privacy requirements (proposed Regulation S-P). Does that mean you should be considering the Secret Service to guard your data? I don’t think so; however, you should have a plan to manage risk of data loss. This plan should contain proactive thinking that promotes a culture of prevention. A SAS70 audit will assist you in determining your vulnerabilities and identifying weaknesses in information technology network; however, you must continually assess and evaluate scenarios, and stay informed of the latest and greatest networking threats. Communication and training are key to a data protection plan. What are some of the other characteristics?SAS70expert@gmail.com

 

Jun 12 2008   8:51PM GMT

iPhone’s and data security

Posted by: sas70expert
Networking, Security, Servers, Compliance, Viruses, Auditing, CIO, Mobile, DataManagement, Email, Exchange, SAS 70

What about the new iPhone? It has an abundance of new features and new headaches? With the latest push of emails to your iPhone, how many more network issues will this create? 

With the iPhone, you can download, pictures, music, and applications – how many of these will have undetected viruses or Trojan horses? As executives demand more technology, do you have enough security in place to prevent such disasters to your network? How much downtime can you afford? 

In a SAS70 audit, wireless networks and the related controls are normally tested. Testing of phone connectivity to internal networks and the related hazards are not normal considerations. 

I would recommend standardization of cell phones. Chose a cell phone that meets business needs and provides basic communication access for employees. Enact most security features to prevent rogue viruses from attacking your network. The phones should only sync with your business Exchange server and not the employee’s personal contacts or emails.