MPLS (Multiprotocol label switching) is a data transportation technique and nothing more.
MPLS (Multiprotocol label switching) is a data transportation technique and nothing more.
Payment Card Industry Security Standards Council (PCI SSC) has prescribed PCI Data Security Standards (PCI DSS) for keeping payment cardholder data secure. PCI DSS applies to any business that stores, processes, or transmits cardholder data. In practice, this means PCI applies to all merchants that accept card payments, as well as to the member financial institutions and service providers that process the associated transactions. Matrix of the compliance requirements prescribed by PCI SSC is given in the table below. Before studying the table, it would be helpful to understand the terms cardholder data, merchant, service provider, acquirer, application scanning vendor and qualified security assessor. Continue reading “Understanding PCI DSS compliance requirements”
Qadit has expanded its operations to Sri Lanka under the banner ‘Qadit Information Security Solutions Lanka (P) Ltd’. The office is located in Grandpass Road in Colombo. Qadit, which has been providing world-class end-to-end information security solutions to clients since 2001 from India, will be providing its full range of services of including information security audits, information security consulting, SAP audits and business process reviews to Sri Lankan organisations from its Colombo office. Qadit Information Security Solutions Lanka (P) Ltd. is also a member of the SLASSCOM (Sri Lanka Association of Software and Service Companies).
‘Virtualization’ in information technology parlance is the process of breaking a single physical resource into multiple logical / virtual resources. This can be better understood through an example of server virtualization. Continue reading “‘Server Virtualization’ simplified”
Terms ‘Business Continuity Plan’ (BCP) and ‘Disaster Recovery Plan’ (DRP) are being used interchangeably in information security management. These terms, though related, have the following differences: Continue reading “Business Continuity Plan Vs. Disaster Recovery Plan”
Tabnabbing is the newest form of phishing attack. You can try out the following series of events to find out as how you can be tabnabbed. Continue reading “Do not lose your passwords to ‘tabnabbing’”
For medium to large data volume environments, it is advisable to physically separate application and database servers.
Continue reading “Why an application server has to be separated from database server?”
As part of the business continuity or disaster recovery, it is imperative for every organization to maintain a copy of its electronic data at an offsite location. Offsite backups can be maintained manually or through automatic means. When maintained manually, the backups are taken physically on media like tapes, magnetic discs etc at the onsite location and then transported to the offsite storage location. In an automatic offsite backup, there is no manual intervention involved and therefore is less error prone and can be done at more frequent intervals. Couple of automatic offsite backup solutions are listed below. Continue reading “Automatic offsite backup techniques”
When an enterprise is small in size the IT infrastructure consists of a server room with couple of low end servers, some networking devices and client PCs. But as the organization grows the IT infrastructure too grows in size. Medium to large scale enterprises have data centers of their own or outsource the data center (DC) operations to service providers who specialize in DC operations. In this article, let us have a peek into a typical data center and look at what components are deployed.
Do you know that your hi-tech copier machine is secretly capturing your confidential information? Not many of us know that. But the fact is hi-tech copiers and multi-function printers / scanners come with hard disks which retain the images of the documents copied. Continue reading “Your spy is sitting in your office corner”