Blog Posts Tagged with "Vendor Management"

Ebb72d4bfba370aecb29bc7519c9dac2

On SIEM Services

August 06, 2011 Added by:Anton Chuvakin

When a SIEM vendor tries to sell you services, it is NOT vendor greed – but simply common sense. And if you say “no”, it is not “saving money” – but being stupid. SIEM success out-of-the-box, while real in some cases, is a pale shadow of what a well-thought through deployment looks like...

Comments  (0)

49afa3a1bba5280af6c4bf2fb5ea7669

Evaluating the Cloud-Based Services Option Part II

July 06, 2011 Added by:Mike Meikle

Risk Management becomes a factor in determining if a Cloud solution is a viable choice. Businesses have to weigh the risk of moving a service or application to the Cloud against the potential for profit or savings. Risk management will have to educate the executives on the ramifications...

Comments  (0)

A88973e7d0943d295c99820ab9aeed27

Server Security in the Cloud

July 03, 2011 Added by:Simon Heron

When your data is “in the cloud” there is the clear and unmistakable risk that you could be sharing resources with not-so-ethical companies who may suddenly end up under investigation. Suddenly, you could lose your server and your website without notice, bringing business to a halt...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Why Your Vendor Doesn’t Want You to do Risk Analysis

June 23, 2011 Added by:Danny Lieberman

Small business IT integrators are behind the curve on security, compliance, disaster recovery and application security. The typical SMB integrator mindset is dominated by the Microsoft monoculture, and I would not expect them to be able to analyze data security threats...

Comments  (3)

7e364bbac217114a59e547b354e7f7ad

Components of Effective Vulnerability Management

June 19, 2011 Added by:Gary McCully

Vulnerability management is a continual process that monitors the effectiveness and the efficiency of your organization’s ability to mitigate vulnerabilities. Without a Vulnerability Management Program, you and your security program could be blindly walking off the edge of a cliff...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

VoIP and PCI Compliance

June 15, 2011 Added by:PCI Guru

When you start talking to security people about VoIP security, their knee-jerk response is to tell you that VoIP is secured by the corporate firewall. However, given that the VoIP protocols are stateless, even being behind a firewall really does not provide any protection...

Comments  (1)

4c1c5119b03285e3f64bd83a8f9dfeec

The Amazon Outage is OK? Well, Kind Of...

May 02, 2011 Added by:Ben Kepes

Cloud vendors are quick to point out how reliable their data centers are with redundant communication channels, power supply structures and the like. Any application running on the clouds needs to consider the same issues – it is unrealistic to rely completely on one single data center...

Comments  (0)

D15e0b682a84587af9af463961d00f22

IT Security - Who Watches the Watchmen?

April 27, 2011 Added by:John Nicholson

There are risks associated with allowing your data and applications to sit somewhere else, and some of these risks become more pronounced when you are operating in a cloud-based environment with little assurance about the physical location of your data. However, these risks can be managed...

Comments  (4)

39b6d5c1d3c6db11155b975f1b08059f

Data Loss Prevention: Less Flip this Week

April 14, 2011 Added by:Ron Lepofsky

Data leakage prevention technology tackles both data at rest residing within a network and specifically on disk storage and of course when data is in motion. Vendors of these technologies vary in what elements of the problem they wish to tackle. Some try to solve all possible problems...

Comments  (0)

5e402abc3fedaf8927900f014ccc031f

Epsilon’s Email Breach Should Impact Future SLAs

April 10, 2011 Added by:Allan Pratt, MBA

What were the service level agreements, and did they outline precautions that Epsilon would take to prevent such incursions? If none of this information was included in the SLAs, perhaps, it’s time for data-driven companies to include their information security strategies in SLAs...

Comments  (1)

959779642e6e758563e80b5d83150a9f

How to Make Federal Data Security Effective

April 06, 2011 Added by:Danny Lieberman

In order to improve IT security countermeasure effectiveness in the Federal Government, the OMB should reduce base payments to contractors who provide IT security services and link their compensation to a reduction in the damage caused to government data and network assets...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Paying for Risk: The Hidden Dangers of Software Acquisition

April 02, 2011 Added by:Rafal Los

Many organizations forego a Software Security Assurance (SSA) program simply because they don't develop their own software and so are missing the risks of the software or applications they are purchasing - don't get caught with this type of risk...

Comments  (0)

E11f33debef2ec264972f2def69a7dd2

Five Questions to Ask Your PCI Auditor Before You Hire Them

March 06, 2011 Added by:Aleksandr Yampolskiy

PCI DSS was created to enforce a set of minimum security standards. If your company accepts credit cards as a form of payment, then it must comply with the PCI standard. You want to use PCI compliance to tighten the security in your company, You don’t want a QSA to let you off easy...

Comments  (0)

4c1c5119b03285e3f64bd83a8f9dfeec

Cloud Standards –The Great Debate

March 03, 2011 Added by:Ben Kepes

I’ve always been against cloud standards at so early a stage in the cloud lifecycle. It seems to me that we’re on this amazing wave of innovation with core technologies being reinvented on an almost daily basis. Any move to lock down standards will really impact on the velocity of that adoption...

Comments  (0)

B44a73900ca3197c2d8f148e303b3faa

Writing Vendor Requirements to Avoid the Pain

February 27, 2011 Added by:Brad Bemis

You know you have an issue, you think up a technical solution, you ask about various vendor offerings, you read marketing literature; you listen to a vendor give a product pitch. The solution sounds good, so you buy it, plug it in, then watch it fall short of pretty much every expectation you had...

Comments  (0)

F520f65cba281c31e29c857faa651872

Using Open Source Business Intelligence Tools

February 09, 2011 Added by:Rahul Neel Mani

Open source BI tools do not have the same richness of features that the large BI tools have. There is a downside to this gap because many people have a need for those more advanced features. The good is that the open source products are less complex to configure and use for basic purposes...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »