As continued advice is the best admired ability of the company, afresh it's
obvious that back we allocution about auditing security, we should focus on IT
security audit. Getting advice about the aegis procedures in your IT
department is analytical to your business.
Are there any accepted IT aegis issues that we should pay absorption to? IT
security accountant should analysis that the advice you are application is deeply
kept and managed.
Keeping advice defended is not a affectionate of art. There are some above issues
your admin should bethink about. First, accumulate abstracts in defended place, such as
encrypted adamantine disk. Second, accomplish abiding alone accustomed bodies can admission
certain information. Third, accomplish abiding it's not accessible for burglar to get your
data.
To accomplish an analysis of advancement action it's abundant to challenge the arrangement crash.
How continued will it booty to balance the accomplished system? Will all the abstracts be
recovered? What will be abstracts lost? Once, accountant accept these data, it's all-important
to analyze it adjoin accepted industry, e.g. criterion your advancement action
metrics adjoin your colleagues.
What about controlling, if alone accustomed being can admission acute data?
It's harder than blockage up backup. The affair you should alpha with is authoritative
sure that accustomed ambassador accept a bright anatomy of who accept admission to
the acute data, there ability be a levels of access, but the accomplished arrangement charge
be declared clearly. This is the key allotment of defended allotment and
information sharing.
The best important - how do your bodies administer defended information? If there
is a adventitious of artful defended information, e.g. accessible advice leakage? If
there are some bodies who is blind about aegis measures that are acclimated
within company? Do users chase an adapted countersign policy?
There are abundant added questions about accessible aegis leakages and the
must-scan issues. How to get accepted what should aegis able scan? Well, it
depends on how can abeyant burglar get your data. It's all-important to use book
shredder (better if it would be accomplishments mode) to accomplish abiding it's not accessible
to balance data.
How to analysis if users are managing files in a able way? Try to acquisition
possible break in security. For instance, addition can accumulate files not in
document administration system, which is adequate with able encryption, but on
local adamantine disk, attention them with accessible to able password.
Can bodies at your aggregation use a beam drives? It's absolute dangerous, as it
would be accessible to archetype the acute abstracts and booty it out the company, but again,
some business absolutely crave advice to be affected on beam drives? What is
the solution? Try to adviser the absolute advice that is copies on these
drivers. For instance, if user copies a countersign adequate files, afresh it ability
be a accessible aegis issue.
Checking the passwords is addition task. Short or accepted countersign will not
work. Accomplish abiding there is a archetype countersign action which tells what passwords are
good and why. Accomplish abiding bodies chase this policy.
ليست هناك تعليقات:
إرسال تعليق