employees

Disaster Recovery

Disaster Recovery and Incident Response

In information technology, disaster recovery is defined as a group of actions that are taken within the event of major disaster and returning into the market within a brief period of your time . the most objective of disaster recovery is to attenuate the adverse effect caused by those disasters, and help to stop from future occurring. Disaster can include computer related issues like hacker attacks and computer viruses, electrical issue like power outage and …

Disaster Recovery and Incident Response Read More »

ISO-27001-Annex-A.16.1.2-Reporting-Information-Security-Events

ISO 27001 Annex : A.16.1.2 Reporting Information Security Events, A.16.1.3 Reporting Information Security Weaknesses & A.16.1.4 Assessment of and Decision on Information Security Events

In this article explain ISO 27001 Annex : A.16.1.2 Reporting Information Security Events, A.16.1.3 Reporting Information Security Weaknesses & A.16.1.4 Assessment of and Decision on Information Security Events this contols. A.16.1.2 Reporting Information Security Events Control- Information security incidents should be reported as quickly as possible through appropriate management channels. Implementation Guidance- Both employees and contractors will be made aware of their responsibility as soon as possible for reporting security incidents. The reporting protocols and …

ISO 27001 Annex : A.16.1.2 Reporting Information Security Events, A.16.1.3 Reporting Information Security Weaknesses & A.16.1.4 Assessment of and Decision on Information Security Events Read More »

ISO-27001-Annex-A.9.2.5-Review-of-User-Access-Rights

ISO 27001 Annex : A.9.2.5 Review of User Access Rights & A.9.2.6 Removal or Adjustment of Access Rights

In this article ISO 27001 Annex : A.9.2.5 Review of User Access Rights & A.9.2.6 Removal or Adjustment of Access Rights these two topic has been explained. A.9.2.5 Review of User Access Rights Control- Access rights of users should be reviewed regularly by asset owners. Implementation Guidance- The following should be considered while reviewing the access rights:- Access rights of users should be reviewed at regular intervals and after any changes, such as promotion, demotion …

ISO 27001 Annex : A.9.2.5 Review of User Access Rights & A.9.2.6 Removal or Adjustment of Access Rights Read More »

ISO-27001-Annex : A.7.2-During-Employment

ISO 27001 Annex : A.7.2 During Employment

ISO 27001 Annex : A.7.2 During Employment Its objective is to make sure that employees and contractors are conscious of and fulfill their information security responsibilities. A.7.2.1 Management Responsibilities Control- Management should mandate all employees and contractors to exercise information security in accordance with established policies and procedures set by the organization. Implementation Guidance- Responsibilities for management should include ensuring employees and contractors are: Are adequately briefed about information security role and responsibilities before given …

ISO 27001 Annex : A.7.2 During Employment Read More »

ISO-27001-Annex : A.7-Human-Resource-Security

ISO 27001 Annex : A.7 Human Resource Security

A.7.1  Prior to Employment ISO 27001 Annex : A.7 Human Resource Security Its object is to make sure both employees and vendors recognize their duties and are suitable for their positions. A.7.1.1  Screening Control- Background verification checks on all job applicants will be performed in compliance with applicable rules, legislation, and ethics and should be proportionate to business criteria, classification of the information to be obtained, and potential risks. Implementation Guidance- All applicable privacy, personal identity …

ISO 27001 Annex : A.7 Human Resource Security Read More »

How-will-Social-Engineering-be-in-the-Future

How will Social Engineering be in the Future

What is social engineering? Social engineers exploit human behavior (manners, enthusiasm toward work, laziness, innocence, etc.) to achieve access to the targeted company’s information resources. Social engineering attacks are difficult to protect against, because the victim won’t remember that he or she has been deceived. They’re greatly almost like other forms of attacks wont to extract the company’s valuable data. To protect against social engineering attacks, an organization must evaluate the danger of various sorts …

How will Social Engineering be in the Future Read More »

Most-Effective-Ways-to-Overcome-Impersonation-on-Social-Networking-Site’s-Problem

Most Effective Ways to Overcome Impersonation on Social Networking Site’s Problem

Most Effective Ways to Overcome Impersonation on Social Networking Site’s Problem In this article you will learn Social Networking Sites, Insider Threats, Type of Insider Threats and Insider Attack Effective etc. Impersonation on Social Networking Sites Today social networking sites are widely used by many people that allow them to build online profiles, share information, pictures, blog entries, music clips, and so on. Thus, it is relatively easier for an attacker to impersonate someone, The …

Most Effective Ways to Overcome Impersonation on Social Networking Site’s Problem Read More »