The role of information security has not been clearly defined in many organizations and these organizations face challenges such as lack of senior management’s commitment to information security initiatives, poor security planning, integration issues between business goals and information security, issues relating to accountability for implementing, monitoring and reporting on information security and so on. Continue reading “Business Model for Information Security – What is it all about?”
OWASP releases ‘Top Ten’ for 2010
Open Web Application Security Project has come out with the top ten web application security risks for the year 2010. The following table makes a comparative analysis between OWASP Top 10 – 2007 & OWASP Top 10 – 2010
Understanding RAID
RAID or Redundant Array of Inexpensive Disks is a technology for storing the same data across different disks to ensure data redundancy. RAID also employs data stripping (a process where data is divided into blocks and spread over several disks) which improves performance. A RAID appears to the operating system as a single logical hard disk. Continue reading “Understanding RAID”
XBRL – An introduction
XBRL or eXtensible Business Reporting Language is an XML dialect developed for business reporting purposes. It is increasingly becoming the standard for communication of information between businesses on the internet. Continue reading “XBRL – An introduction”
Information Rights Management – An Introduction
Information rights management is a technology which aims to protect sensitive and critical documents and information while at the same time ensuring that it is made available for genuine needs. For example, two companies may negotiate to trade a patent during which the patent details would be made available to the buying company. Despite signing an NDA, if the deal doesn’t happen, the company which was supposed to buy the patent can come out with a new product based on that patent (whose details were made available to it during negotiation stage) with some modifications. Continue reading “Information Rights Management – An Introduction”
Working of a digital signature
The Information Technology Act gives legal validity to internet based communications / transactions like email and EDI etc, i.e. e-commerce in short.In these internet based transactions, a digital signature serves the purpose of identifying the originator of the transaction and ensuring that the communication has happened without any intermediary disturbance like data tampering or modification. Continue reading “Working of a digital signature”
Information Technology Act – Offences & Penalties
This article summarizes the key offences pointed out in the Information Technology Act, 2000 and includes amendments made in the year 2008.
Continue reading “Information Technology Act – Offences & Penalties”
Excel shortcuts
Knowing these excel shortcuts takes you a long way in saving your valuable time while working with MS Excel.
An introduction to SOX compliance
Sarbanes Oxley Act also known as SOX was enacted in the year 2002 in the United States in response to various corporate scams. The objective of the enactment has been to protect the shareholders and the general public from accounting errors and fraudulent business practices. The Act is administered by the Securities Exchange Commission and is applicable to public companies.
Are you visiting secured websites?
The increased usage of internet has brought along with it a wide array of security concerns. Just as how a system and its data can get infected by virus, websites can also get infected with Trojans, virus, malware, adware, injection attacks etc. In this article let’s gain an understanding of how to ensure that one visits a secured and safe website. Continue reading “Are you visiting secured websites?”