authorization

ISO-27001-Annex : A.9.1.2-Access-to-Networks-and-Network-Services

ISO 27001 Annex : A.9.1.2 Access to Networks and Network Services

Leave a Comment / ISO 27001 La, Knowledge Base / By

Control- ISO 27001 Annex : A.9.1.2 Access to Networks and Network Services Only network and network facilities which have expressly been approved for use will be made available to users. Implementation Guidance- A policy on the use of networks and network policy should be developed. Following points should be covered in this policy: networks and network infrastructure to which access is permitted; Authorization procedures for determining who is permitted to access which networks and Networking services; …

ISO 27001 Annex : A.9.1.2 Access to Networks and Network Services Read More »

ISO-27001-Annex : A.6-Organization-of-Information-Security

ISO 27001 Annex : A.6 Organization of Information Security

Leave a Comment / ISO 27001 La, Knowledge Base / By

6.1 Internal Organization ISO 27001 Annex : A.6 Organization of Information Security its object is to establish a management framework for initiating and controlling the implementation and functioning of information security within the organization. 6.1.1 Information Security Roles and Responsibilities Control- All responsibilities related to information security should be well defined and assigned. Implementation Guidance- Allocation of information security responsibilities should be carried out in compliance with information security policies (Refer A.5.1.1). Responsibilities for the …

ISO 27001 Annex : A.6 Organization of Information Security Read More »

Identity-and-Access-Management

What is Identity and Access Management?

Leave a Comment / CEH / By

Modern enterprises currently need fast, easy and secure access to IT resources, from anywhere and at any time, provided with effective security controls on IT assets that protect from both internal and external threats. Advancement in technologies like IoT (Internet of Things), M2M Communication, Bring Your Own Device (HOD) pose a variety of internal and external threats and vulnerabilities to the organizations. Identity and Access Management solutions have become an important part of IT strategic …

What is Identity and Access Management? Read More »

Network-Security-Controls

Network Security Controls

9 Comments / CEH / By

Network Security Controls are used to ensure the confidentiality, integrity, and availability of the network services. These security controls are either technical or administrative safeguards implemented to minimize the security risk. To reduce the risk of a network being compromised, an adequate network security requires implementing a proper combination of network security controls. These network security controls include: Access Control Identification Authentication Authorization Accounting Cryptography Security Policy These controls help organizations with implementing strategies for …

Network Security Controls Read More »