Posts Tagged ‘iso 27002’

Network Access Control and Security

The purpose of network access control is to protect and safeguard assets attached to network from threats of unauthorized users gaining access to organization’s assets. Network Access Control (NAC) authenticate users to make sure they are authorized to login and following the policies and procedures for login before authorized to use organization assets. Some of […]

Comments (2)

vsRisk and security risk assessment

Information Security Risk Management for ISO27001 / ISO27002 The State of California has adopted ISO/IEC 27002 as its standard for information security and recommends other organizations and vendors to use this standard as guidance in their efforts to comply with California law. To achieve an ongoing compliance, major organizations require tools to comply with standard […]

Comments (6)

Laptop security and vendor assessment

Another report of a laptop stolen, this one containing reams of sensitive customer information. The laptop was later returned in the same office complex, to a room which was reportedly locked; however, the sensitive data on the laptop was not encrypted. According to a San Francisco Chronicle article by Deborah Gage (Aug 6, 2008, pg. […]

Comments (4)

ISO27k and compliance

Security review is performed to identify and analyze risks and weaknesses in the current security posture of an organization. An ISO assessment is performed utilizing international standard ISO 27002 and company security policy, the purpose of the review is to evaluate the information security posture of an organization based on international standard. The level of […]

Leave a Comment