Collaborate Disseminate
Given firewall
inbound: all are blocked
outbound: allow port 80, 443
Problem
colleagues are still able to ssh to home device by port 80/443, and establish a reverse ssh tunnel from company to home, and further from home… Continue reading How does a network admin block the reverse SSH in company?
I just got a new job at a medium-sized (~100 employees) company and one of the first things I was told is that I cannot use my own computer, because I need to be able to connect to their network, access files, etc. I didn’t t… Continue reading Is there a legitimate reason I should be required to use my company’s computer? (BYOD prohibited)
From what I can tell, Apple Watch apps act like a remote control to a nearby iPhone using Bluetooth or BLE.
Conversely Android watches have the ability to run full applications, and therefore have a local storage component.
Some regula… Continue reading What are the privacy and infosec risks with Apple Watches and Android Wear?
My compliance manager recently told me that Lync IMs should be treated as e-mail for compliance purposes.
This also made me realize that our other email policies (encrypted device, pin required, etc) should also be adopted … Continue reading Possible for Lync (Skype for Business) to adopt Activesync-style policies?
My compliance manager recently told me that Lync IMs should be treated as e-mail for compliance purposes.
This also made me realize that our other email policies (encrypted device, pin required, etc) should also be adopted … Continue reading Possible for Lync (Skype for Business) to adopt Activesync-style policies?
I’ve been asked why do we trust organizations that certifies ISO 27001? From where did they get the authority and recognition to be able to certify ISO 27001?
For example, I can start a certification business and certify that a company is… Continue reading Why do we trust organizations that certificate ISO 27001?
Allow me to give some background information, so you may understand my situation better.
We have been prone to sending emails to unintended recipients, many of which contained confidential data. Email is the only medium of c… Continue reading Secure file sharing, instead of attaching files to emails?
As the title says, my company has a policy that all passwords to e.g. our workstations and server logins must be stored in an online safe. I won’t say which one but there are some out there you can look at promising the end of password pai… Continue reading My company policy states I must put all passwords in a password safe shared with management. Is this secure?
Do you know how could I make my security complaints/advices more effective? Or How could I convince my boss about IT security?
There are a couple of known good practices in the field of IT security. My boss seems oblivious t… Continue reading How to convince your boss about importance of IT security
I’ve recently been tasked with putting together a security policy for a small startup firm consisting of ~30 people in the UK. Largely up until now there has been nothing concrete in place, however as we’re looking to take on clients in th… Continue reading How to devise a security policy?