-
How to protect your Hard Disk Drive from sudden failure
Hard Drive failures can be a pain as more often than not, data is always lost in the process. I have had some hard drives carelessly fail without notice thus losing data in the range of 1Tb (1 Terabyte). As frustrating as it was then it could actually have been avoided if I was smart enough…
-
Information Technology General Controls (ITGC)
Information Technology General Controls, popularly called ITGCs refers to the set of control such as policies,procedures, and technologies that an organization puts in place to ensure confidentiality, integrity, andavailability of its information and IT systems.ITGC review is an assessment of these controls to determine their effectiveness in protecting the organization’sinformation and IT systems. A comprehensive…
-
Automotive Cybersecurity. An Introduction
Introduction to Automotive Cybersecurity Cybersecurity is the practice of protecting digital assets from malicious attacks. It is also referred to as “information technology security” or “electronic information security.” The term is used in a variety of contexts, but in this article, we will be considering cybersecurity in the context of automobiles. The automobile industry has…
-
Service Organization Control: An Introduction
Service Organization Control 1 (SOC 1) and Control 2 (SOC 2) are two standards for assessing a service organization’s internal controls. The American Institute of Certified Public Accountants (AICPA) established these standards to assist service organizations in demonstrating their dedication to security, availability, confidentiality, and privacy. SOC 1 is especially concerned with the financial reporting…
-
Cloud Computing Services
In our last article, we talked about the different cloud deployment models: Public, Private, Hybrid, andCommunity. In this article, we will be discussing the cloud computing services which are mainly three types IaaS(Infrastructure-as-a-Service), PaaS (Platform-as-a-Service), and SaaS (Software-as-a-Service). Cloud computing is the distribution of IT resources on-demand through the Internet with pay-as-you-gopricing. Instead of purchasing,…
-
Cloud deployment models
The deployment model is an important aspect of cloud computing. A cloud deployment model is a specificconfiguration of the environment’s variables, including storage capacity, ownership of the deploymentinfrastructure, and accessibility. This implies that deployment models employed by businesses are basedon the ownership (i.e who controls the infrastructure) as well as the location of the infrastructure.…
-
Internet of Things (IoT) Security
The term IoT, or Internet of Things IoT has become one of the most important technologies of the 21stcentury, and it simply refers to the collective network of connected devices (smart devices) each with itsunique identifier automatically collecting and sharing data over a network. These devices range fromordinary household objects to sophisticated industrial tools.The fast…
-
Five (5) API security testing tools you need to know.
There are several tools that have been used to access API security. Depending on each organization’s needs, a certain tool can be the ideal option for one but not the other. Although the majority of these API security testing tools have free trials or versions, enterprise users will probably need to purchase licences or explore…
-
Microsoft SQL Server Security check
SQL Server, owned by Microsoft is one of the leading data platforms used as a production database to store very sensitive data. We should all know by now that data is an organization’s most valuable asset. This makes it a necessity to efficiently secure the SQL Server database.This quick post will highlight some important back-end…
-
5 Resources That will Make You Better at Information Technology Risk
Information Technology Risk has a very important role to play in the risk management field as it brings to the fore the body of risks that can hamper the achievement of business objectives as it concerns the technology environment. In this article, I have listed out five (5) resources that will not only make you…
-
How to sell Information Technology Audit to a skeptic
Information Technology Audit is a sub-field under the Audit function which has garnered a lot of interest in the past few years, largely because of the widespread adoption of technology to drive the core and ancillary parts of businesses. It has become more important because businesses want to address the risk of material misstatements as…
-
Brute-forcing passwords on Microsoft SQL Server to test for weakness
SQL Server is a relational database solution created by Microsoft. It utilises several types of login to gain access to the database namely: Windows authentication which is the default, and is often referred to as integrated security because SQL Server security model is tightly integrated with Windows. In this type of authentication Windows users who have…
-
A Journey to Auditing Virtualization
Virtualization is the process of creating a virtual, representation of an entity, such as virtual applications, servers, storage and networks. It is the single most effective way to reduce Technology expenses by reducing hardware footprint while boosting efficiency and agility for all size businesses. However, good as it is, virtualization can create a single point…