Recent Posts
Information Security Short Takes
Return To Blog Listing
Information Security and ICT Strategy Analysis and Tutorials
Recent Posts Tagged With 'solution building'
5 Minute Security Assessment
A security assessment is a big deal. It takes a lot of time, requires a good chunk of budget since it is done by independent consultants and the outcome is at best 'OK, but could be better'.For all these reasons, as well as some egoistic ones which w...
5 Minute Security Assessment
A security assessment is a big deal. It takes a lot of time, requires a good chunk of budget since it is done by independent consultants and the outcome is at best 'OK, but could be better'.For all these reasons, as well as some egoistic ones which w...
Reduce Risks in Projects with 'Deal Breakers'
Most projects fail due to a manager's ambition or pressure to complete on time. This leads to significant errors.Here are two examples from the opposite sides of the spectrumI have been witness to a very large and very risky project, which was initia...
Paying for Software Support - When to do it?
For a long while, the MySQL Database Server is the choice of start up developers. Since it can be used under the GPL model, it seems free to use it. But is there a point where one would pay for MySQL.Here is an analysis of the conditions under which...
System Hardening Process Checklist
Most administrators and security officers are well aware of the necessity of system hardening for corporate systems.Hardening is the process of securing a system by reducing its surface of vulnerability. By the nature of operation, the more functions...
Is the Server Running - optimal use of redundancy on a budget
When purchasing a server, most companies select a server class computer from a reputable manufacturer. And in this day, usually the servers come loaded with redundant components to optimize server availability and make it more resilient. And yet a lo...
Software vendor relationship - can you make it better?
Your company bought a corporate software solution. Your teams tweaked, modified and tested to get it up to your requirements. Now, you just continue to use it for the next 20-30 years without problems. Right?Well, not quite. The marriage between a co...
High Availability - Clusters have Issues
As IT services become more and more important to the organization, the notion of the a service being down becomes scary. So the organization begins to search for ways to make the IT services more available. The usual solution to high availability is ...
Know the Difference - Backup vs. Archive
Information availability and IT operations require Data Backup. Legal and Compliance requirements dictate Data Archival. But many organizations make the mistake of equalizing Archive with Backup, which can lead to wrong choice of backup or archival m...
Strategic Choice - Proper Selection of Web Hosting
The time of expensive hosting and limited functionalities on web servers are long gone. Today, everyone and their mother is doing web hosting, with a huge hosting disk capacity at very acceptable prices. But even though most hosting providers differ ...
GPS Fleet Tracking - Risks or Benefits?
GPS Fleet Tracking is usually associated with taxi fleets, armored transport and police/security vehicles. In reality, a lot of companies use GPS tracking not just for their company fleet, but also for personal tracking of their top employees or sen...
Controlling Firefox Through Active Directory
Firefox is a great browser. But it is being widely avoided by corporations, since it is difficult to manage Firefox through a corporate-wide security policy, like IE through Active Directory.FrontMotion has published FrontMotion Firefox Community Edi...
The call records theft - security of batch processing
Batch processing is most often overlooked during any security analysis. The main reason is that batch processing operates on millions upon millions of records at a time, and does that at a very fast rate. The second reason is that batch processing us...
Competition Software Testing - Benefits and Risks
Testing of any solution, especially software is a very slow and painful process, which requires a lot of human resources and proper design of test scenarios. Because of the slowness of the process, something can be missed.So a number of companies org...
Template - Software Acceptance Testing
Software testing is becoming a very mature area, even has a formal name - Software Quality Assurance (SQA). SQA is part of the software manufacturing process, and nearly all software manufacturers have this process integrated in their production proc...
Software Response Evaluation Methodology
One of the most important characteristics of corporate software is response time (AKA speed). And it is quite difficult to achieve, since all corporate software solutions are multi-user, and operate on very large data-sets. Of course, everyone would ...
3 Rules to Avoid Problems due to Changes in Development
A software development company can be impacted when trying to modernize their development tools or environment - improper verification can lead to incompatibility with the code, a lot of lost time and energy and a whole lot of headaches for the teams...
4 Controls to Avoid Risks of Fully Trusting a System
All large businesses rely on software solutions to manage many aspects of their business. In time, the business grows so accustomed to the "system" that they deem it authoritative for all information and rarely question it's outputs. When this point ...
Rules for good Corporate Web Presence
In the era of Internet and communications, there are still a lot of organizations which have a poor or misconfigured web presence. This leads to unavailability, loss of contact with potential customers, and even reduced reputation due to bad or missi...
Creating Good Software - Align expectations and development
The easiest way to create a bad product in custom development is to misunderstand the customers expectations. This is a discussion of risks that are brought by poor specification, poor understanding of business needs and the hurry to make a profit.Me...
Information Risks when Branching Software Versions
Branching of software versions is a regular and everyday process in software development. However, branching brings inherent information risks that require good controls and regular oversight. Here is an analysis of these risks and the possible contr...
