Tag Archives: security

Security Threats to Cloud–Based Systems

Security Threats to Cloud–Based Systems Threats to both cloud-based and on-site solutions should be evaluated with an additional focus directed towards security issues specific to cloud services. Cloud security threats can come from internal or external sources, and can originate as human or software based attacks. Threat agents are as follows; anonymous attackers, malicious service agents, trusted attackers,… Read More »

Virtualization of IT Resources. Advantages & Disadvantages

Virtualization of IT resources Virtualization of IT resources has become a popular the past few years but has been around in some form for many years. Example;  thirty years ago IBM had virtual operating systems that allowed multiple copies of an operating system to run simultaneously on mainframe computers. Virtualization is the use of hardware and software to… Read More »

IDaaS, Cloud Data Storage, and Cloud Collaboration

IDaaS, Cloud Data Storage, and Cloud Collaboration The emergence of wide-spread Internet access combined with the development of cloud based infrastructure, platform, and Software as a Service (SaaS), has created an environment where organizations and normal everyday users have access to vast amounts of computing resources and applications at the click of a button. These cloud resources are… Read More »

Cloud Computing Models -SaaS, PaaS, IaaS

Cloud Computing Models -SaaS, PaaS, IaaS Software as a Service (SaaS) SaaS is a cloud model in which users access software, programs, and data in the cloud. SaaS services are commonly accessed with a web browser. SaaS allows organizations an affordable way to access a wide variety of applications while eliminating the requirement for in-house hosted applications, hosting… Read More »

Cloud Computing and System Fault Tolerance

Cloud Computing and System Fault Tolerance Cloud computing use has risen in direct correlation with the development of web 2.0 technologies, as well as the development and increased availability of high-speed communications infrastructure and internet access. Well known advantages of cloud computing include; cost savings, reliability, manageability, and competitive edge (Levelcloud.net, n.d.). One aspect of cloud computing related… Read More »

Risk management is essential to the success of every company

Risk management is essential to the success of every company In business, risk is the likelihood that a loss will occur if a threat exposes a vulnerability. An organization must take risks to thrive, but must also recognize that risk cannot be ignored. The key is to understand threats and vulnerabilities, and then mitigate the threat to vulnerabilities… Read More »

Ethics Related to the Collection of Information. Who Benefits?

Ethics Related to the Collection of Information The following are ethics that must be addressed when information systems are designed, and how they relate to the Confidentiality, Integrity, Availability (CIA) security concept. The first concern related to ethics is; who benefits from the information collected? The applicable area of the CIA security triad is confidentiality. Information collected for… Read More »

Information Security Publication Comparison

Information Security Publication Comparison Chart comparing major sections of the USPS Handbook AS-805 – Information Security to NIST Special Publications; 800-12, 800-14, 800-18, 800-26, and 800-30. Handbook AS-805 – Information Security (USPS, 2015) NIST Special Publications Introduction: Corporate Information Security Generally Accepted System Security Principles (NIST SP 800-14) Security Roles and Responsibilities System Security Plan Responsibilities (NIST SP… Read More »

Information System Incident Response & IRT’s

Information System Incident Response Effective information system Incident response requires proper planning and good management. Since organizations are diverse and vary in size, organizations must design their incident response plans based on a detailed assessment of their information system and business requirements. Constructing a proficient Incident Response Team (IRT) is a critical component of any effective Incident Response Plan.… Read More »