Blog Posts Tagged with "Vendor Management"


On SIEM Services

August 06, 2011 Added by:Anton Chuvakin

When a SIEM vendor tries to sell you services, it is NOT vendor greed – but simply common sense. And if you say “no”, it is not “saving money” – but being stupid. SIEM success out-of-the-box, while real in some cases, is a pale shadow of what a well-thought through deployment looks like...

Comments  (0)


Evaluating the Cloud-Based Services Option Part II

July 06, 2011 Added by:Mike Meikle

Risk Management becomes a factor in determining if a Cloud solution is a viable choice. Businesses have to weigh the risk of moving a service or application to the Cloud against the potential for profit or savings. Risk management will have to educate the executives on the ramifications...

Comments  (0)


Server Security in the Cloud

July 03, 2011 Added by:Simon Heron

When your data is “in the cloud” there is the clear and unmistakable risk that you could be sharing resources with not-so-ethical companies who may suddenly end up under investigation. Suddenly, you could lose your server and your website without notice, bringing business to a halt...

Comments  (0)


Why Your Vendor Doesn’t Want You to do Risk Analysis

June 23, 2011 Added by:Danny Lieberman

Small business IT integrators are behind the curve on security, compliance, disaster recovery and application security. The typical SMB integrator mindset is dominated by the Microsoft monoculture, and I would not expect them to be able to analyze data security threats...

Comments  (3)


Components of Effective Vulnerability Management

June 19, 2011 Added by:Gary McCully

Vulnerability management is a continual process that monitors the effectiveness and the efficiency of your organization’s ability to mitigate vulnerabilities. Without a Vulnerability Management Program, you and your security program could be blindly walking off the edge of a cliff...

Comments  (0)


VoIP and PCI Compliance

June 15, 2011 Added by:PCI Guru

When you start talking to security people about VoIP security, their knee-jerk response is to tell you that VoIP is secured by the corporate firewall. However, given that the VoIP protocols are stateless, even being behind a firewall really does not provide any protection...

Comments  (1)


The Amazon Outage is OK? Well, Kind Of...

May 02, 2011 Added by:Ben Kepes

Cloud vendors are quick to point out how reliable their data centers are with redundant communication channels, power supply structures and the like. Any application running on the clouds needs to consider the same issues – it is unrealistic to rely completely on one single data center...

Comments  (0)


IT Security - Who Watches the Watchmen?

April 27, 2011 Added by:John Nicholson

There are risks associated with allowing your data and applications to sit somewhere else, and some of these risks become more pronounced when you are operating in a cloud-based environment with little assurance about the physical location of your data. However, these risks can be managed...

Comments  (4)


Data Loss Prevention: Less Flip this Week

April 14, 2011 Added by:Ron Lepofsky

Data leakage prevention technology tackles both data at rest residing within a network and specifically on disk storage and of course when data is in motion. Vendors of these technologies vary in what elements of the problem they wish to tackle. Some try to solve all possible problems...

Comments  (0)


Epsilon’s Email Breach Should Impact Future SLAs

April 10, 2011 Added by:Allan Pratt, MBA

What were the service level agreements, and did they outline precautions that Epsilon would take to prevent such incursions? If none of this information was included in the SLAs, perhaps, it’s time for data-driven companies to include their information security strategies in SLAs...

Comments  (1)


How to Make Federal Data Security Effective

April 06, 2011 Added by:Danny Lieberman

In order to improve IT security countermeasure effectiveness in the Federal Government, the OMB should reduce base payments to contractors who provide IT security services and link their compensation to a reduction in the damage caused to government data and network assets...

Comments  (0)


Paying for Risk: The Hidden Dangers of Software Acquisition

April 02, 2011 Added by:Rafal Los

Many organizations forego a Software Security Assurance (SSA) program simply because they don't develop their own software and so are missing the risks of the software or applications they are purchasing - don't get caught with this type of risk...

Comments  (0)


Five Questions to Ask Your PCI Auditor Before You Hire Them

March 06, 2011 Added by:Aleksandr Yampolskiy

PCI DSS was created to enforce a set of minimum security standards. If your company accepts credit cards as a form of payment, then it must comply with the PCI standard. You want to use PCI compliance to tighten the security in your company. You don’t want a QSA to let you off easy...

Comments  (0)


Cloud Standards – The Great Debate

March 03, 2011 Added by:Ben Kepes

I’ve always been against cloud standards at so early a stage in the cloud lifecycle. It seems to me that we’re on this amazing wave of innovation with core technologies being reinvented on an almost daily basis. Any move to lock down standards will really impact on the velocity of that adoption...

Comments  (0)


Writing Vendor Requirements to Avoid the Pain

February 27, 2011 Added by:Brad Bemis

You know you have an issue, you think up a technical solution, you ask about various vendor offerings, you read marketing literature; you listen to a vendor give a product pitch. The solution sounds good, so you buy it, plug it in, then watch it fall short of pretty much every expectation you had...

Comments  (0)


Using Open Source Business Intelligence Tools

February 09, 2011 Added by:Rahul Neel Mani

Open source BI tools do not have the same richness of features that the large BI tools have. There is a downside to this gap because many people have a need for those more advanced features. The good is that the open source products are less complex to configure and use for basic purposes...

Comments  (0)
