Collaborate Disseminate
We are about to sign a contract with an OCR service provider (Scanned documents(personal information) will be sent, which will be processed OCR, data transmitted back and documents deleted.)The service provider offers an OCR service using… Continue reading Information Security Governance – security measures
I’m reading a security policy, which seems to be a system security policy and there is an item that requires the system to implement a specific standard, something like “Implement the standard XYZ”. Standard XYZ specifies a … Continue reading Is this a "valid" security policy item?
An ICO (Information Commissioner’s Office) report has found that 45% of customers don’t trust organisations with their personal data. This is hardly surprising, given the constant news stories about cyber attacks and organi… Continue reading Why customers don’t trust your organisation with their personal data
We’re setting up an secure development and vulnerability management process in our firm. Our firm develops several IT solutions in parallel. The process will influence the way we develop those IT solutions because it introduc… Continue reading What useful sources can help us in the development of a functional and non-functional security requirement baseline?
Data mapping will be a key part of your compliance project in the run-up to the EU General Data Protection Regulation (GDPR) compliance deadline of May 2018. The Regulation introduces numerous changes – and the change from complying with the curr… Continue reading GDPR data mapping key elements
Find out the hardware you need for Hyper-V with Windows Server 2016.
read more Continue reading Hyper-V requirements for Windows Server 2016
I know that misuse cases are use cases which help identify security requirements as they highlight the user’s goal in misusing the system, but what exactly is abuse cases and what is the difference or these very similar to each other?
… Continue reading What is the difference between misuse and abuse cases in security?