Viewing IT security from the IT security industry http://www.isscp.com/blog/ en Copyright 2007 http://blogs.law.harvard.edu/tech/rss Thu, 4 Oct 2007 08:59:05 -0400 How much importance to do or your organization place on log files? and what do you do with the information. The "Athens Affair" would never have been found if logs were not reviewed by a human log reader. http://www.isscp.com/blog/2007/10/10-03.html http://www.isscp.com/blog/2007/10/10-03.html General Wed, 3 Oct 2007 23:58:09 -0400 As with most compliance regulations, those under them complain "The Government whould stay out of my business/why". While those trying to abide by them are left facing brick wall, which in the end crush those not wanting to comply. http://www.isscp.com/blog/2007/08/08-30.html http://www.isscp.com/blog/2007/08/08-30.html General Thu, 30 Aug 2007 23:58:09 -0400 Why is IT Governance, and Governance to a degree a scare or shock factor to many organization. Surely the benefits outway the processes it takes to implement and run? http://www.isscp.com/blog/2007/08/08-29.html http://www.isscp.com/blog/2007/08/08-29.html General Wed, 29 Aug 2007 23:58:09 -0400 Incident response and the common mistake often made http://www.isscp.com/blog/2007/08/08-28.html http://www.isscp.com/blog/2007/08/08-28.html General Tue, 28 Aug 2007 23:58:09 -0400 Does SAS 70 imply tight security?
Does SAS 70 prove no vulnerabilities?
These questions and more are answered for your understanding.]]> http://www.isscp.com/blog/2007/08/08-27.html http://www.isscp.com/blog/2007/08/08-27.html General Mon, 27 Aug 2007 23:58:09 -0400