Collaborate Disseminate
An embedded device with Linux supports backup/restore of files encrypted with openssl. The idea of backup is: tar -c …. | openssl smime -encrypt -binary -aes-256-cbc -out backupfile.encrypted -outform DER certificate.key and the idea of … Continue reading What is a good common approach for encrypted backup/restore on an embedded device?
I am working from home in Germany and I would like to work from abroad for some weeks, I have to connect to my company VPN before I even sign in to my company computer in order to access my desktop, I would like to know, if it would be pos… Continue reading Setting a second VPN for working form abroad [migrated]
I am a member of the IT security team of a large organization in the financial services industry. I have been with my employer for about 7 years, and am well respected, often serving in advisory capacity to management. Recently we started … Continue reading Is gamification to encourage increased end user awareness of company security policy a good idea? [closed]
Policies are the high-level statement from Senior Management. It’s a philosophy for the management to be guided by, and management has the direction to plan, build, run and monitor the activities to achieve the enterprise objectives from t… Continue reading Do the organisational policies need to have ownership to ensure accountability?
I am looking for a way to hold the departments accountable and ensure they atleast review the policies that we have. I was thinking about using adobe sign but don’t want to go cloud. An application like those that make you scroll to the … Continue reading Making Users Prove They Have Reviewed The Information Security Policy Documents
My wife inadvertently clicked on a flash player update and suddenly my chrome browser displays that it is being managed by an Organisation.
I tried deleting chrome and reinstalling it but nothing changed.
Could this be a malicious attempt … Continue reading Why does Chrome display "Managed by Organisation"? [closed]
I’ve seen scenarios in which organizations don’t invest enough in cybersecurity, are short-handed, and thus have a difficult time meeting the policy requirements defined within their Security Programs. I would assume that many companies do… Continue reading Measuring the Risk of Not Managing Risk
This is a question born more from the user perspective but I’m wondering how it fits into a proper user creation and management policy. As a consultant I tend to work with various different clients and one issue that keeps coming up concer… Continue reading Requiring an on-site visit to reset a password or get VPN access
I’m searching for the GitLab token generation policy but nothing found on documentation :
encryption method (RSA, ECDSA, …), key length, expiration policy, …
It’s to know if it’s in agreement with the security policy of my company
Than… Continue reading What’s Gitlab token generation policy?
I lived under impression that timely updates were very important. Even a home user wouldn’t like their computer to demand ransom for their data. However, the less home and the more corporate our setting is, security only becomes more, not … Continue reading Do corporate systems need to be updated immediately after updates are available? [duplicate]