| As long information is the most valuable
| |
| | manage secure information? If there is a
|
| resource of the company, then it's
| |
| | chance of copying secure information,
|
| obvious that when we talk about auditing
| |
| | e.g. possible information leakage? If
|
| security, we should focus on IT security
| |
| | there are some persons who is unaware
|
| audit. Getting information about the
| |
| | about security measures that are used
|
| security procedures in your IT department
| |
| | within company? Do users follow an
|
| is critical to your business.
| |
| | appropriate password policy?
|
| Are there any common IT security issues
| |
| | There are much more questions about
|
| that we should pay attention to? IT
| |
| | possible security leakages and the
|
| security auditor should check that the
| |
| | must-scan issues. How to get known what
|
| information you are using is securely
| |
| | should security expert scan? Well, it
|
| kept and managed.
| |
| | depends on how can potential intruder get
|
| Keeping information secure is not a kind
| |
| | your data. It's necessary to use file
|
| of art. There are some major issues your
| |
| | shredder (better if it would be
|
| admin should remember about. First, keep
| |
| | background mode) to make sure it's not
|
| data in secure place, such as encrypted
| |
| | possible to recover data.
|
| hard disk. Second, make sure only
| |
| | How to check if users are managing files
|
| authorized persons can access certain
| |
| | in a proper way? Try to find possible
|
| information. Third, make sure it's not
| |
| | breaks in security. For instance, someone
|
| possible for intruder to get your data.
| |
| | can keep files not in document management
|
| To make an audit of backup process it's
| |
| | system, which is protected with strong
|
| enough to emulate the system crash. How
| |
| | encryption, but on local hard disk,
|
| long will it take to recover the whole
| |
| | protecting them with easy to crack
|
| system? Will all the data be recovered?
| |
| | password.
|
| What will be data lost? Once, auditor
| |
| | Can people at your company use a flash
|
| have these data, it's necessary to
| |
| | drives? It's very dangerous, as it would
|
| compare it against common industry, e.g.
| |
| | be easy to copy the sensitive data and
|
| benchmark your backup process metrics
| |
| | take it out the company, but again, some
|
| against your colleagues.
| |
| | business really require information to be
|
| What about controlling, if only
| |
| | copied on flash drives? What is the
|
| authorized person can access sensitive
| |
| | solution? Try to monitor the actual
|
| data? It's harder than checking up
| |
| | information that is copies on these
|
| backup. The thing you should start with
| |
| | drivers. For instance, if user copies a
|
| is making sure that authorized
| |
| | password protected files, then it might
|
| administrator have a clear structure of
| |
| | be a possible security issue.
|
| who have access to the sensitive data,
| |
| | Checking the passwords is another task.
|
| there might be a levels of access, but
| |
| | Short or known password will not work.
|
| the whole system must be described
| |
| | Make sure there is a copy password policy
|
| clearly. This is the key part of secure
| |
| | which tells what passwords are good and
|
| authorization and information sharing.
| |
| | why. Make sure people follow this policy.
|
| The most important - how do your people
| |
| |
|
