COMPUTER SECURITY

Posts

November 25, 2022

OVERVIEW OF PCI SSC DATA SECURITY STANDARDS Reference link In an effort to enhance payment card data security, the PCI Security Standards Council (SSC) provides comprehensive standards and supporting materials, which include specification frameworks, tools, measurements, and support resources to help organizations ensure the security of cardholder information at all times. The PCI DSS is the cornerstone of the council, as it provides the necessary framework for developing a complete payment card data security process that encompasses prevention, detection, and appropriate reaction to security incidents. Tools and Resources Available from PCI SSC: Self-Assessment Questionnaires to assist organizations in validating their PCI DSS compliance. PIN Transaction Security (PTS) requirements for device vendors and manufacturers and a list of approved PIN transaction devices. Payment Application Data Security Standard (PA-DSS) and a list of Validated Payment Applications to help software vendors

November 15, 2022

5 Types of Evidence and How to Use Them in a Workplace Investigation Reference link Character Evidence Character evidence is a testimony or document that is used to help prove that someone acted in a particular way based on the person’s morals, personality, or propensities. While this cannot be used to prove that a person’s behavior at a certain time was consistent with his or her character, it can be used in some workplace investigations to prove intent, motive, or opportunity. Demonstrative Evidence This type of evidence includes items that directly demonstrate a fact. Demonstrative evidence falls into two categories: Physical evidence: pieces of evidence you can see and touch, such as a sack of stolen inventory found in the employee’s locker Illustrative evidence: charts, graphs, photos, models, or recordings, such as a video of an employee harassing another employee This is one of the most reliable types of evidence to use in your investigation. While there are some cases where de

November 09, 2022

Complete List of Cyber Security Standards Reference link The foremost aim of the formulation of cybersecurity standards is to improve the security of IT infrastructure and IT products used in organizations. Here, I am listing out a comprehensive list of standards that help you understand the benchmark in IT security. 1 . Information security management system (ISMS) (ISO/IEC 27000 Family): It is a set of guidelines for maintaining infrastructure, mainly the company's data centers, to follow certain legal, technical and physical policies to ensure confidentiality, integrity, and availability of data reside in the company's data centers. It consists of a set of ISO/IEC 27001, ISO/IEC 27002, ISO/IEC 27003, ISO/IEC 27004, ISO/IEC 27005, ISO/IEC 27006, and ISO/IEC 27007. 2. Common Criteria (ISO/IEC 15408): This standard mainly deals with the certification of IT products. It ensures the evaluation of IT products based on a set of approving standards that are widely followed by ind

October 30, 2022

Protect Yourself and Your Devices Reference link Today we use internet-connected devices in all aspects of our lives. We go online to search for information, shop, bank, do homework, play games, and stay in touch with family and friends through social networking. As a result, our devices contain a wealth of personal information about us. This may include banking and other financial records, and medical information that we want to protect. If your devices are not protected, identity thieves and other fraudsters may be able to get access and steal your personal information. Spammers could use your computer as a "zombie drone" to send spam that looks like it came from you. Malicious viruses or spyware could be deposited on your computer, slowing it down or destroying files. By using safety measures and good practices to protect your devices, you can protect your privacy and your family. The following tips are offered to help you lower your risk while you're online. Keep you

October 27, 2022

Change Management System Reference Link According to the PMBOK Guide 6th edition, Change Control is focused on identifying, documenting and controlling changes to the project and the project baselines. In the change management system, you manage the changes related to the project scope, planning, and baselines. For example, you run out of money, and you need additional funding to complete the project, therefore, you will raise a change request for additional funds. Or you may not be able to complete your project within the specified time and require a time extension. In the change management system, the change request is analyzed for any possible impact on any other project objectives. Afterwards, the request is either approved or rejected. To minimize disruption, a change management system must ensure that all parameters are identified and analyzed for any possible impact. If the change request is approved, you will update the concerned baseline, update the project documents, and inf

October 21, 2022

Intellectual property and reason to protect it Intellectual property refers to intangible creations of the mind, such as inventions; literary and artistic works; designs; and symbols, names and images used in commerce. Generally, all companies own some form of intellectual property. Why is it important Intellectual property rights and registrations allow companies to protect their core business and research and development activities, while creating a stronger negotiating posture for cross-licensing and counterclaims. Intellectual property rights and registrations also allow a company to block competitive products, dissuade potential entrants and clear a technological path for future market share. Protecting one's organization is just one of the benefits of registering intellectual property, it also allows you to build value. Intellectual property is counted as an asset when determining the value of a company and can even be used as collateral for a loan. The four general categori