lisa17 – WindowsTechs.com

Restricting Developers access to Production in DevOps?

Posted on April 22, 2023 by lisa17

In a devops context, how do you approach seperating development from production environments (which is an ISO27001:2022 Annex A control) ? Is granting developers access to production a necessary evil in today’s agile devolpment context ? O… Continue reading Restricting Developers access to Production in DevOps?→

How to manage ISMS policies and documentation [closed]

Posted on March 12, 2023 by lisa17

The ISO27001 standard requires many policies and procedures which have to be reviewed on regular basis. I have seen Sharepoint and simple network shares being used to manage policies and procedures, but I am looking for a better way that g… Continue reading How to manage ISMS policies and documentation [closed]→

SMTP Email Spoofing

Posted on April 27, 2017 by lisa17

While testing my SMTP server using a telnet session from home, I was able to generate an email using the following commands:

telnet MyEmailServer 25

HELO MyEmailServer

MAIL FROM: RandomValidEmail@mydomain.com
… Continue reading SMTP Email Spoofing→

Difference between an "Information Security Policy" and a "Cybersecurity Strategy"?

Posted on July 22, 2016 by lisa17

What is the difference between an “Information Security Policy” and a “Cybersecurity Strategy”?

I had an argument about this with my management and whilst some think that its basically the same thing, others were adamant tha… Continue reading Difference between an "Information Security Policy" and a "Cybersecurity Strategy"?→

How to Stop Email Spoofing [closed]

Posted on November 22, 2014 by lisa17

Apart from SPF, what else can be done to stop hackers from spoofing your company’s email addresses?

Continue reading How to Stop Email Spoofing [closed]→

Added value of Windows Server 2008 over 2003 in terms of security

Posted on March 25, 2012 by lisa17

What is the added value of a Windows 2008 Server over Windows 2003 in terms of security?
Does Windows Server 2008 has enhanced/new security features compared to 2003?

Continue reading Added value of Windows Server 2008 over 2003 in terms of security→

Added value of Windows Server 2008 over 2003 in terms of security

Posted on March 25, 2012 by lisa17

What is the added value of a Windows 2008 Server over Windows 2003 in terms of security?
Does Windows Server 2008 has enhanced/new security features compared to 2003?

Continue reading Added value of Windows Server 2008 over 2003 in terms of security→

What is the best practice for placing database servers in secure network topologies

Posted on November 13, 2011 by lisa17

I have a classic DMZ architecture:

My webserver is placed in the DMZ.
The webserver needs to communicate with a database server. This database server is the most critical component of my network as it contains confidential data.

Wher… Continue reading What is the best practice for placing database servers in secure network topologies→