Google

Monday, October 29, 2007

Data Centre / Computer Room location

The location of the central computer facility should not be advertised on signs, maps, or directory listings of the organization.

Computer centres should be located away from environmental hazards such as oil and gas storage depots, areas where flooding is regular, airport flight-paths, etc.

In multi-storey buildings, the computer facility should be located above ground level if there is a risk of external penetration and/or flood damage. Computer equipment should not be located in basement areas where flood water could collect.

The computer facility should be physically separated from other departments within the organization.

References:
http://www.theiia.org/itaudit/index.cfm?act=ITAudit.archive&fid=199
http://www.theiia.org/itaudit/index.cfm?act=ITAudit.archive&fid=200
http://www.theiia.org/itaudit/index.cfm?act=ITAudit.archive&fid=189

Labels: ,

technorati tags:

Sunday, October 28, 2007

Short UNIX History

technorati tags:

Thursday, October 25, 2007

Concept of Microsoft Windows 2000 Active Directory

technorati tags:

Friday, October 19, 2007

IS Introduction

Information System Introduction

Information = Processed Data; (that can be used for action & decision making)

People and Hardware
+
Data and Software

= Information (report)


Labels: ,

technorati tags:

Thursday, October 18, 2007

Information Security - Office security

technorati tags:

Cobit Games

Part of ISACA COBIT foundation course

Labels:

technorati tags:

Tuesday, October 16, 2007

network security

technorati tags:

Monday, October 08, 2007

Computer Security 101

Security = Confidentiality + Integrity + Availability

Labels: ,

technorati tags:

Sunday, October 07, 2007

Hacker G

Educational video about computer security



Labels: ,

technorati tags:

Thursday, October 04, 2007

Instant Messaging (IM)

There are public IM and Enterprise IM, and of course there are risks in using the software especially the unsecured public IM.

http://www.networkworld.com/research/2004/0628imfeat5.html

Some companies are using secure IM for their business communication purposes.

Secure Instant Messaging - Case Study

Secure Instant Messaging - Practical Business Benefits

Conducting Effective Audits of Messaging Systems

As for auditors, proper access controls, system documentation, and disaster recovery plans are some of the items auditors need to examine during reviews of messaging systems.

http://www.theiia.org/ITAudit/index.cfm?iid=556&catid=21&aid=2790

technorati tags:

Wednesday, October 03, 2007

Identity Theft : Data Breach, Hacking, Hackers

Labels:

technorati tags:

P2P Computer Security Risk

Risk of using P2P(peer to peer) application e.g. Bit Torrent, Kazaa, Lime Wire.

P-to-P Application Causes Police Security Disaster in Japan
A policeman in Japan was fired after a P2P application, Winny, on his PC caused highly confidential information to reach the Internet.
http://security.itworld.com/4337/070724police/page_1.html


Labels: ,

technorati tags:

Cisco - Security Training Video

Video used for internal training at Cisco. The basics of Security, simple analogy of VPN, firewall?


Labels:

technorati tags:

Tuesday, October 02, 2007

Smokers as an IT security risk?

A U.K. firm is claiming smokers pose a risk to IT security by leaving doors open when they take a puff break. Network World investigates


Labels: , ,

technorati tags:

How Computer Viruses Work

Labels:

technorati tags:

How Anti-Virus Works!

Labels:

technorati tags:

BCP

The worse part about contingency planning is having to explain to people who depend on you, why you didn't do it

Labels:

technorati tags:

The Importance of Internal Controls

Labels:

technorati tags:

IT Corporate Governance Part 2

Labels:

technorati tags:

IT Corporate Governance Part 1

A group project on poor IT Governance


Labels:

technorati tags:

Monday, October 01, 2007

What are the Benefits of Implementing CobiT?

This video clip from www.soxtelevision.com with Michael P. Cangemi, Past President of ISACA & Editor-in-Chief of the IS Control Journal, features an in-depth definition of the CobiT IT governance framework, and discusses key benefits of its implementation.

http://www.youtube.com/watch?v=bg_GEN8AZA0

Labels: ,

technorati tags:

IT Project Fail Big Time

Federal IT projects aren't doomed to fail, but some do

Labels:

technorati tags:

Which IT Projects are successful?

A survey by the BCS (British Computing Society) shows that short e-business projects are most likely to be successful:

Labels:

technorati tags:

How a computer network is made

Labels:

technorati tags:

Auditing and Monitoring

technorati tags:

Audit and Compliance in AD-centric Identity Management

technorati tags: