Category Archives: Compliance
It’s a simple fact. Good security doesn’t just happen. You need to have a very specific set of knowledge to effectively secure your information assets. The knowledge you need falls into five discrete categories: policies, data, people, systems, and events.
CAUTION: RANT ALERT. On Wednesday, November 19, Admiral Michael Walters, the head of the NSA, made a very disturbing announcement. He said that China and one or two other countries have the capability to launch a cyber attack that could …
A hot debate over the inherent security benefits of open source software — or lack thereof — has been raging (again) since the “Heartbleed” bug came to light last spring. So… from a security expert’s point of view (yes, mine!), is …
Have you ever encountered a situation where a user needed to use an application that displayed all of the rows in a file, but the user really should be restricted from seeing certain rows in that file?
Did you ever think that the potential cost of a security breach is overstated by those who want to sell you security software or services? Well, no matter how you add it up, the potential cost to Target during the …
A while ago I ran across this white paper from KPMG Netherlands: The five most common cyber security mistakes: Management’s perspective on cyber security. As I was reading it I found myself making my own list. My list is called “5 …
I recently collaborated with Patrick Townsend, CTO of Townsend Security, on an encryption key management white paper. The paper is targeted at the IBM i audience but actually contains useful information for folks using any platform.
“Former Hostgator employee arrested, charged with rooting 2,700 servers” was the headline of an April 19, 2013 article published by the Ars Technica website. Rooting refers to providing the attacker a way to gain superuser access on a computer system. Doing …
This from a LinkedIn group post published on SecurityInfoWatch.com: “In the ever evolving threat landscape that is IT security, some security executives have become so focused on taking an approach that meets compliance requirements that their attention has become diverted …